Report on Monitoring a Network Using Netstumbler

WIRELESS NETWORKS CSCE 5520

HOMEWORK 5

REPORT ON MONITORING A NETWORK USING NETSTUMBLER

ADITYA KOWTHA

10526800

Introduction to Netstumbler :

NetStumbler is a tool which allows you to detect and identify wireless access points.NetStumbler allows you to detect Wireless Local Area Networks (WLAN). You can use it to verify that your network is set up the way you intended, find locations with poor coverage, identify other networks that may be causing interference on your network, detect unauthorized "rogue" access points in your workplace, and aim directional antennas for long-haul WLAN links. Therefore, we can monitor closely, wireless network using Netstumbler. NetStumbler will start in a record mode and will automatically configure the wireless card, so it's as simple as launching the tool while the wireless card is enabled.The first thing seen will be a window with a bunch of green bubbles. The green means that the signal is strong. Other colors include yellow which indicates a weaker signal, red for a very weak signal and grey for signal loss. This window looks like this:

Also, some Access Points have lock symbols in the green bubble and others don't. The lock symbol is the first indication that the AP has encryption enabled. Along the same column, notice that the header or title of that column is MAC. The Media Access Control or MAC address is a unique code assigned to networking hardware, in this case the MAC address is referring to the address assigned to the Wireless AP (WAP). So beside the green bubble is seen the 12 character MAC address for that AP.The next column displays that Access Points Service Set Identifier (SSID). The SSID is basically the name of the AP and must be known to join.

Readings Obtained:

In this assignment, I have obtained, using Netstumbler, a few readings of the details of wireless networks deployed in and around the ResearchPark. These are as tabulated below:

This reading has been obtained in the General Access Help Lab. As seen here, there are 10 access points enabled. Of these, only 4 access points have strong signals, indicated by the green bubbles beside them. The second access point, which has been identified as a fake access point has WEP encryption enabled, which is seen in the figure, as a lock enclosed in the grey bubble. The 12-characters beside each bubble are the MAC addresses of the Access points. The SSID column indicates the name of the access point. Also shown here are the signal strengths at each access point and the signal-to-noise ratio, and speed at each access point.

The second reading has been obtained in the corridor near the Computer Science Department office:

As seen here, there are 16 access points, and 7 of these are active,of which only 2 have strong signals, and WEP enabled. The other five access points are active but have less signal strengths. Three Fake Access points have been identified here.

The third reading has been obtained near the stairs near the main entrance. The network points here are as depicted below:

Here, there are 23 access points, but only 3 of these are active. Two of the access points have WEP enabled on them. Also, there are 7 fake access points discovered.

The final reading has been obtained just outside the campus, in an open environment, to see the possible coverage of wireless network outside the building. This was done by moving around with the laptop in a car around the campus to check mobile connectivity:

There are 25 access points shown, of which 2 are active, and have WEP encryption enabled but possess only minimum signal strength. Of all the access points, 7 access points have been identified as fake access points.

Conclusion:

From the readings obtained above, it has been observed that the signal strength at each access point varies in time and in relative location of the mobile laptop with respect to the access point. This is because of the fact that the wireless propagation is affected by many factors, such as obstacles, causing interference or loss of signal. The strength of the signal from an access point is stronger when close to the access point, and decreases as one moves away from it. Therefore, the signal strength is significantly less outside the building than the signal strength inside the building. Also, the wireless propagations are not constant at every instant of time, but vary with time in their strengths at a given position near an access point.