What I am trying to do in a nutshell: try to see my wireless network as an intruder would see it. If I understand it right, the first step would be a port scan.
I know how easy it is to crack WEP. I call it a sign on the door kindly asking people not to come in. :P
I have studied WPA a little bit too. I know how to deauth a client and then get the handshake. However, this is not my goal.
I know I was wrong in trying to scan the BSSID and the SSID, but I figured that since just giving the IP didn't get me anywhere either, I would give it a try. :P Also, I thought there should be something on the command line to specify the network. It now seems there is no need for that.
I have changed my WPA key to something extremely hard to guess or to brute-force. It is about 20-30 characters long and goes something like "lPf57z1p".
I know that with open ports I might be exploited, hence the view from the outside. To be honest, I have not searched for those yet, as I have no need for them, but perhaps I should make the time to do so.
For now, I would just like to do this port scan and see where it takes me. Is it really required to be associated with my network to run a port scan with Nmap, and if so, could you tell me what other program I should be using? If association is not needed, could you please tell me what the correct syntax should be?
Perhaps I am making it too hard. Then again, I did find Nmap online and it told me my ports are filtered. I could try to find a hotspot, but that would cost money and I would probably be breaking their TOS. Not to mention I would need to buy a laptop, and I have a misguided feeling the router might look different when approached from the wired web instead of the wireless. All that while I have the equipment to do it myself; I just need to find the knowledge to use that equipment. Now, I know there are two WEP-encoded networks in range and I could be in one within 10 minutes, but that would mean breaking the law. With a criminal record I would be unemployed, so I will refrain from using that option; I hope you agree.
All I really want is to either know what I am doing wrong or to be pointed to a place that could help me. Even though I know Google would be the place to point to, I still have not found where on Google I should be. Pointing to Nmap itself doesn't work for me either. Or do you expect me to read every single blog the creator posts on it? I tried the reference guide and the parts of the book that are free.
The scan never ran, as I got an error. The error is posted above. The commands I tried varied from just the BSSID, the SSID, or the IP to any combination of the three.
You have a point in your last post. Good thing I checked before posting reply.
The command: nmap -e wlan0 220.127.116.11/16
Output: I can't figure out what source address to use for device wlan0, does it even exist?
I then tried "--iflist" and it showed me only the 127.0.0.1 loopback address.
This is getting me somewhere.
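An added example, not part of the original post, that addresses the error shown above. Nmap's "I can't figure out what source address to use for device wlan0" message means the interface has no IPv4 address, which is also why `--iflist` listed only 127.0.0.1: wlan0 is either down or not associated with the network and has no DHCP lease. A TCP/IP port scan needs IP connectivity, so for a scan of the router from the wireless side you must first associate and obtain an address; without association only 802.11 frames are visible, not ports. The script below reads the interface's own address and default gateway with `ip` (real commands, real Nmap flags), refuses to build a scan command while the interface has no address, and otherwise targets the subnet the interface is actually on rather than an external range such as the `/16` in the posted command. The `ip` output strings embedded in it are constructed sample data so that it runs offline; call the functions without the extra arguments to query the live system.

```shell
#!/bin/sh
# Added example (not the original poster's code): build a local-network
# Nmap scan from the wireless interface's own address, and explain the
# "can't figure out what source address to use" error when there is none.

# iface_cidr IFACE [ADDR_OUTPUT]
# Prints the first IPv4 address/prefix of IFACE, e.g. 192.168.1.23/24.
# ADDR_OUTPUT is optional pre-captured `ip -4 -o addr show dev IFACE` text;
# omit it to query the live system.
iface_cidr() {
    iface=$1
    if [ $# -ge 2 ]; then out=$2; else out=$(ip -4 -o addr show dev "$iface" 2>/dev/null); fi
    printf '%s\n' "$out" | awk -v want="$iface" '$2 == want && $3 == "inet" { print $4; exit }'
}

# gateway_ip IFACE [ROUTE_OUTPUT]
# Prints the default gateway (normally the router) reached through IFACE.
# ROUTE_OUTPUT is optional pre-captured `ip -4 route show default` text.
gateway_ip() {
    iface=$1
    if [ $# -ge 2 ]; then out=$2; else out=$(ip -4 route show default 2>/dev/null); fi
    printf '%s\n' "$out" | awk -v want="$iface" '
        $1 == "default" && $2 == "via" {
            for (i = 4; i < NF; i++) if ($i == "dev" && $(i + 1) == want) { print $3; exit }
        }'
}

# scan_plan IFACE [ADDR_OUTPUT ROUTE_OUTPUT]
# Prints the Nmap commands to run, or why a scan cannot run yet (status 1).
scan_plan() {
    iface=$1
    if [ $# -ge 3 ]; then
        cidr=$(iface_cidr "$iface" "$2")
        gw=$(gateway_ip "$iface" "$3")
    else
        cidr=$(iface_cidr "$iface")
        gw=$(gateway_ip "$iface")
    fi
    if [ -z "$cidr" ]; then
        # This is the state Nmap reports as "does it even exist?" for -e wlan0.
        echo "$iface has no IPv4 address: associate with the network and get a DHCP lease before scanning"
        return 1
    fi
    # Host discovery over the subnet the interface is on (finds the router
    # and any other clients); Nmap treats host/prefix as the whole network.
    echo "nmap -e $iface -sn $cidr"
    # Full-range SYN scan of the router itself, the "inside" view of its ports.
    if [ -n "$gw" ]; then
        echo "nmap -e $iface -sS -p- $gw"
    fi
    return 0
}

# Constructed sample output in the format of `ip -4 -o addr show dev wlan0`
# and `ip -4 route show default` on an associated client (hypothetical values).
SAMPLE_ADDR='3: wlan0    inet 192.168.1.23/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0\       valid_lft 86000sec preferred_lft 86000sec'
SAMPLE_ROUTE='default via 192.168.1.1 dev wlan0 proto dhcp metric 600'

# Demo: an associated interface yields two commands; an unassociated one yields
# the explanation instead. Run `scan_plan wlan0` alone to use the live system.
scan_plan wlan0 "$SAMPLE_ADDR" "$SAMPLE_ROUTE"
scan_plan wlan0 "" "" || true
```

The SYN scan (`-sS`) needs root, which is also required for `-e` to be useful with raw packets, so run the printed commands with `sudo`. The earlier result that the router's ports appear "filtered" from the Internet side is not contradicted by what this scan shows from the inside: the two views are of different interfaces of the same device.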