4. Wireless Mayhem

Figure 3: The Wireless Tools selection

Arguably, you will have the most fun with the wireless security tools. I know I did. You get scanners such as Kismet and Wellenreiter. You can see a screenshot of Kismet running below. All of the installation and configuration nightmares have been taken care of. You just have to open the application.

Figure 4: Kismet in action

If you have any network training, then you know the Media Access Control (MAC) address is burned into your network card. This creates a "serial number" of sorts for every wireless and wireless interface card out there. With the handy dandy MAC address changer utility (Auditor > Wireless > Change your macaddress), you can have a new MAC address in about five seconds.

You can have the program make a random MAC address or you type in your own. So you can make your Cisco card appear to be a Linksys card. Or you can spoof an existing MAC address on the network .

Figure 5: Changing your MAC address is easy

Figure 6 shows the address resolution protocol (ARP) table of our Windows "victim" computer. I pinged the computer from the ASC booted laptop. Our real MAC address is 00-90-96-85-4c-e6. After the first ping, I used the MAC address changer and made up a random MAC address. After the second ping, the victim ARP table saw the MAC address of 04-6c-75-e8-49-ec.

Figure 6: Detection of changed MAC address by Windows

Finally, you can make the computer appear to be a wireless hotspot and intercept all the wireless traffic. In the screenshot below you can see our Windows machine detecting the fake hotspot.

Figure 7: It's easy to spoof an AP