Thread: Enumerate Wireless Clients

  1. #1
    Junior Member imported_seven's Avatar
    Join Date
    May 2007
    Posts
    97

    Default Enumerate Wireless Clients

    Hello, any tips on how to enumerate wireless clients? On my home network, I can scan for clients via nmap, ettercap, etc. But how can I tell which ones are connected via the wlan? Besides Kismet, I can't really think of another way. The only way I know is because I set up the 2 laptops that are connected to them lol.
    Lying is my life.

  2. #2
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Quote Originally Posted by seven
    Hello, any tips on how to enumerate wireless clients? On my home network, I can scan for clients via nmap, ettercap, etc. But how can I tell which ones are connected via the wlan? Besides Kismet, I can't really think of another way. The only way I know is because I set up the 2 laptops that are connected to them lol.
    Have you tried autoscan-network? It's included on BackTrack. Don't know for sure if it does what you ask for, but I think you should try. Another way is to access your router's settings page; most routers (if not all) show who's connected and whether it's by wireless or cable.

  3. #3
    Junior Member imported_seven's Avatar
    Join Date
    May 2007
    Posts
    97

    I have not yet used autoscan. I'm not on BackTrack atm but will check. I am aware I can check it in the router. I was just wondering if there are other methods besides doing this and besides using Kismet. I can do it in Kismet, but just wondering if there are other methods. Maybe a program to listen for probes associated to the AP and list them (which is what Kismet does, I'm assuming). I guess I can try to program something to do this for me, but like I said, I am wondering if anyone knows any other method to separate wireless clients from hardwired clients.
    Lying is my life.

  4. #4
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Sure, you can do it via airodump as well. The idea is for the medium to be invisible after the network layer though; technically you shouldn't be able to tell if it is ethernet either.

    You could use nmap's ARP ping to determine the MAC of each client and collaborate that to the manufacturer though. Also an AP tends to provide that sort of information on a web page or via SNMP.

    But as I said, the concept is that the medium is non-essential to the communications, so short of sniffing explicitly for wireless, you are relying on tools that might not operate for you elsewhere.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
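
The two approaches from post #4 combined, as an added example that is not part of the original thread: MACs from an nmap ARP ping are matched against stations seen associated to the home AP in an airodump-ng CSV capture. The sample data, the BSSID placeholder and the function names are constructed for illustration, and the CSV column layout is assumed to be the one airodump-ng writes.

```python
import csv
import re

HOME_BSSID = "02:00:00:00:00:01"  # placeholder: your own AP's BSSID

# Constructed sample, trimmed, in the style of `nmap -sn -PR 192.168.1.0/24` output
NMAP_OUT = """\
Nmap scan report for 192.168.1.10
MAC Address: 00:11:22:33:44:55 (Example Vendor A)
Nmap scan report for laptop.lan (192.168.1.11)
MAC Address: 66:77:88:99:AA:BB (Example Vendor B)
Nmap scan report for 192.168.1.20
MAC Address: CC:DD:EE:FF:00:11 (Example Vendor C)
"""

# Constructed sample of the client section of an airodump-ng CSV capture file
AIRODUMP_CSV = """\
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:11:22:33:44:55, 2010-05-01 10:00:00, 2010-05-01 10:05:00, -50, 30, 02:00:00:00:00:01, homenet
66:77:88:99:aa:bb, 2010-05-01 10:01:00, 2010-05-01 10:05:00, -61, 12, 02:00:00:00:00:01,
12:34:56:78:9A:BC, 2010-05-01 10:02:00, 2010-05-01 10:03:00, -70, 3, (not associated) , othernet
"""

def parse_nmap(text):
    """Map MAC -> (ip, vendor) from nmap host-discovery output."""
    hosts, ip = {}, None
    for line in text.splitlines():
        m = re.match(r"Nmap scan report for (?:\S+ \()?([\d.]+)\)?", line)
        if m:
            ip = m.group(1)
            continue
        m = re.match(r"MAC Address: ([0-9A-Fa-f:]{17}) \((.*)\)", line)
        if m and ip:
            hosts[m.group(1).upper()] = (ip, m.group(2))
    return hosts

def associated_stations(csv_text, bssid):
    """Return station MACs whose BSSID column equals our AP (skips unassociated probers)."""
    stations, in_stations = set(), False
    for row in csv.reader(csv_text.splitlines()):
        f = [c.strip() for c in row]
        if f and f[0] == "Station MAC":
            in_stations = True  # everything before this header is the AP section
        elif in_stations and len(f) >= 6 and f[5].upper() == bssid.upper():
            stations.add(f[0].upper())
    return stations

def classify(nmap_text, csv_text, bssid):
    """Label each LAN host by whether its MAC was seen associated to the AP."""
    wifi = associated_stations(csv_text, bssid)
    return {mac: (ip, vendor, "wireless" if mac in wifi else "not seen on wlan")
            for mac, (ip, vendor) in parse_nmap(nmap_text).items()}
```

"not seen on wlan" only means the MAC was not observed associated to that BSSID during the capture; an idle wireless client looks the same as a wired one until it transmits.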
