It’s a real challenge. While business tries to keep their networks secure, some employees sneak WiFI hubs into the building and connect to the network so that they can use wireless devices from home, cell phones, tablets,…. We don’t question their motives. Employees are simply trying to be as productive as possible with devices they are familiar with. What they don’t appreciate is that unprotected WiFI, known as 802.11 networks, can open gaping holes in network security. We are actually seeing networks that can be easily accessed from the company parking lot. What to do…

Kismet is an open source tool for discovering wireless networks. It can be used to troubleshoot a wireless network and detect network intrusions. It is a similar tool to netstumbler (which is used in the Windows world) but it does have some differences. One area in which kismet is superior is the ability to detect hidden 802.11 wireless networks.

The significant area of difference between kismet and netstumbler is how kismet detects a 802.11 network. Kismet listens for a beacon transmission from a wireless access point; this is in contrast to netstumbler which sends broadcast for any Service Set Identifier (SSID). The advantage of listening rather than broadcasting is that kismet is able to detect networks that do not advertise an SSID.

Kismet uses channel hopping to enable detection of wireless networks. This means that it will listen on one channel, then hop to another channel and listen, then to another and so on. Channel hopping is a simple algorithm that hops from channel to channel in a pre-determined pattern. Kismet can detect a client’s response to a beacon frame and uses this to associate the client with a wireless access point.

By simply monitoring WiFI with a product like Kismet, a business will know immediately when new WiFI network appear before they give away the corporate secrets.