Re: Monitor Wireless Networks OT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 02/24/2014 07:58 PM, Billy Crook wrote:
> On Thu, Feb 20, 2014 at 3:50 PM, Frank Cox <theatre@xxxxxxxxxxxxxxxxxxx> wrote:
>> On Thu, 20 Feb 2014 15:42:35 -0600
>> Joseph Hesse wrote:
>>
>>> Apparently my hardware is not sufficient.  When I run "iwlist scan" I get:
>>>
>>> lo p5p1; Interface doesn't support scanning
>> I'm pretty sure you have to run it as root user.
> You also have to run it on your wireless nic.  p5p1 sounds like a
> gig-ethernet wired nic.  wlp should be your wireless
>
> You might also have to ifup wlan0 or ifconfig wlan0 up to get it to
> scan.  Sometimes if its down, it won't scan.
>
> I thought I might share my scripts anyway.  First the awk, then the cronjob.
>
> # cat bin/iwlistparse.awk
> $1 == "BSS" {
>      MAC = $2
>      wifi[MAC]["enc"] = "Open"
>      wifi[MAC]["mac"] = $MAC
> }
> $1 == "SSID:" {
>      wifi[MAC]["SSID"] = $2
> }
> $1 == "freq:" {
>      wifi[MAC]["freq"] = $NF
> }
> $1 == "signal:" {
>      wifi[MAC]["sig"] = $2 " " $3
> }
> $1 == "WPA:" {
>      wifi[MAC]["enc"] = "WPA"
> }
> $1 == "WEP:" {
>      wifi[MAC]["enc"] = "WEP"
> }
> END {
> #    printf "%s\t\t%s\t%s\t\t%s\n","SSID","Frequency","Signal","Encryption"
>
>      for (w in wifi) {
>          printf "%s\t\t%s\t\t%s\t%s\n",wifi[w]["SSID"],wifi[w]["mac"],wifi[w]["freq"],wifi[w]["sig"],wifi[w]["enc"]
>      }
> }
>
> # cat bin/wlanpatrol
> #!/bin/bash
> tstamp="$(date +\%Y\%m\%d\%H\%M\%S)"
>
> #Wirelss is flakey.  Retry a 'few' times to get the right number of
> authorized APs, or any APs at all.  sometimes scans just fail
> iter=0
> while [[ "${iter}" -le 60 ]]
> do
>          iter=$(( ${iter} + 1 ))
>          /sbin/iwlist wlp12s0 scanning 2>&1 | grep -v 'wlp12s0\ \ \
> Interface\ doesn'\''t\ support\ scanning\ :\ Device\ or\ resource\
> busy' > /root/iwlistlogs/${tstamp}
>
> #Replace 00.11.22.33.44.55's with the mac addresses of your authorised APs
>          OurAPCount="$( awk -f /root/bin/iwlist.awk <
> /root/iwlistlogs/${tstamp}  | grep -i -e '00.11.22.33.44.55' -e
> '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e
> '00.11.22.33.44.55' -e '00.11.22.33.44.55' | wc -l)"
>          if [[ ! -s "/root/iwlistlogs/${tstamp}" ]]
>          then
>                  continue
>          fi
>
> #In our environment, I expect 6 legitimate APs be visible at all times.
>          if [[ ${OurAPCount} -eq 6 ]]
>          then
>                  break
>          fi
>          #echo OurAPCountError: ${OurAPCount} found.
>
>          sleep 0.1
> done
>
> APCount="$( awk -f /root/bin/iwlist.awk /root/iwlistlogs/${tstamp}  | wc -l)"
>
> #Here we check for bits and pieces of our actual company name in the
> names of all detected APs.  Then we ignore the authorized mac
> addresses, to come upwith a list of APs pretending to be us.
> RogueAPs="$( awk -f /root/bin/iwlist.awk < /root/iwlistlogs/${tstamp} | \
> grep -i -e my -e company -e mc -e myc -e yco -e com -e omp -e mpa -e
> pan -e any | \
> grep -i -v -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e
> '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e
> '00.11.22.33.44.55' )"
>
> if [[ $OurAPCount != 6 ]]
> then
>          awk -f /root/bin/iwlist.awk < /root/iwlistlogs/${tstamp} |
> mail -s "Abnormal number of Our authorized APs: ${OurAPCount}"
> bcrook@xxxxxxxxxxxxx
> fi
>
>
> if [[ ! -z "${RogueAPs}" ]]
> then
>          mail -s "ROGUE APS IN USE" bcrook@xxxxxxxxxxxxxx <<< "${RogueAPs}"
> fi
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
Thank you for the script.
FYI: p5p1 is the name of the wireless interface on my Fedora 20 laptop.  
It was assigned automatically. It appears as wlan0 on my CentOS 6.5 laptop.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux