
I’m considering developing a simple WiFi scanner and logging App that can run as a service 24 hours a day for months, passively collecting changes in the surrounding wireless environment with the following features:

  • Log changes to BSSIDs, ESSIDs, signal strength, number of clients, etc.
  • Displaying everything on a simple dashboard;
  • Notifications of new access points setup in the surrounding area;
  • Notifications of new WiFi clients per station;
  • Notifications of SSID changes (WiFi name changes);
  • Notifications of de-authentication attacks;
  • Possibly capture handshakes (though that’s not a primary objective);
  • Run on a low cost platform such as a Raspberry Pi with a simple apt-get install to get it started.

I’m well aware of other “war driving” type solutions such as Kismet Logging, but the focus here would be collecting data from a specific fixed point and getting notifications of interesting changes in real time, as opposed to stumbling upon them later through an API from WiGLE, for example.

I don’t want to invest too much time recreating a solution that already exists. Is there something that already does all of this, or a combination of tools I’d be better off combining with a script? E.g. Kismet & Kibana in a Docker image possibly?

  • What you have described would be built-in functions into the AP or requires data best obtained from the AP. Why create a 3rd party device to try to capture all that at the wifi level? I'd write a script that would log into the AP and scrape this data in order to compensate for the features that are lacking. – schroeder Aug 10 '20 at 07:04
  • This has nothing to do with monitoring devices attached to access points you already have control over. This would be to monitor changes to access points you do not own or have control over to allow you to detect if a new neighbor moves into the area and sets up a new access point, or replaces an existing access point with a new one, or buys a new wireless printer or gets a new phone that they connect to their existing router for example. – Gerard de Jong Aug 10 '20 at 13:11
  • When you added "capture handshakes", that suggests that you can see the handshakes, that's why I was confused. And when you want to know "clients ***per station***", that also suggests that you can tell which broadcasting device is connected to which AP, which requires access to the network. So, my comment stands. You cannot get this data without being a part of the network, and if a part of the network, it's better to get it from the AP. – schroeder Aug 10 '20 at 13:25
  • There are lots of simple ways to log AP changes, though (number, BSSID, strength, etc.). Tons of pre-made apps for that or you can make a simple script for aircrack. – schroeder Aug 10 '20 at 13:28
  • I see that you have expressed some concerns. Maybe I need to rephrase? Let me ask this instead: how can one determine which AP a device is connected to without being a part of that network? – schroeder Aug 10 '20 at 19:33
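
The change notifications in the question's feature list (new access points, SSID changes, a replaced access point) come down to comparing successive scans taken from the fixed sensor. The following is an added example, not code from the original post or from any tool named on this page; the `AP` record, `diff_scans`, the event names and the 15 dB threshold are assumptions, and the sample scans are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AP:
    bssid: str      # access point MAC address
    essid: str      # network name; empty string when hidden
    channel: int
    power_dbm: int  # received signal strength

def index(scan):
    """Key one scan by lower-cased BSSID so MAC case differences do not alert."""
    return {ap.bssid.lower(): ap for ap in scan}

def diff_scans(previous, current, power_delta_db=15):
    """Compare two scans and return sorted (event, bssid, detail) tuples."""
    prev, cur = index(previous), index(current)
    known_essids = {ap.essid for ap in prev.values() if ap.essid}
    events = []
    for bssid, ap in cur.items():
        old = prev.get(bssid)
        if old is None:
            # A known name on an unseen BSSID: replaced router or look-alike AP.
            kind = "known_essid_new_bssid" if ap.essid in known_essids else "new_ap"
            events.append((kind, bssid, ap.essid))
            continue
        if ap.essid != old.essid:
            events.append(("essid_changed", bssid, f"{old.essid} -> {ap.essid}"))
        if ap.channel != old.channel:
            events.append(("channel_changed", bssid, f"{old.channel} -> {ap.channel}"))
        # Signal strength jitters by several dB; only report large shifts.
        if abs(ap.power_dbm - old.power_dbm) >= power_delta_db:
            events.append(("power_shift", bssid, f"{old.power_dbm} -> {ap.power_dbm} dBm"))
    for bssid in prev.keys() - cur.keys():
        events.append(("ap_gone", bssid, prev[bssid].essid))
    return sorted(events)

# Constructed sample scans (not real networks).
SCAN_1 = [
    AP("AA:BB:CC:00:00:01", "HomeNet", 6, -48),
    AP("AA:BB:CC:00:00:02", "CoffeeShop", 11, -70),
    AP("AA:BB:CC:00:00:03", "OldPrinter", 1, -80),
]
SCAN_2 = [
    AP("aa:bb:cc:00:00:01", "HomeNet", 6, -52),         # same AP, small jitter
    AP("AA:BB:CC:00:00:02", "CoffeeShop_5G", 11, -71),  # renamed
    AP("AA:BB:CC:00:00:04", "HomeNet", 6, -40),         # known name, new BSSID
    AP("AA:BB:CC:00:00:05", "NewNeighbour", 36, -65),   # brand-new AP
]
```

Calling `diff_scans(SCAN_1, SCAN_2)` returns the events to notify on; whatever scanner feeds it only needs to produce one `AP` record per observed access point.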
