Build a Portable Security Tool with the ASUS Eee PC and Ubuntu - Page 2
Tiny, cheap, and Linux-friendly, the ASUS Eee PC makes for the perfect portable network security tool. Just add Ubuntu.
Fire It Up, Make Wireless Work
Once you're booted into Ubuntu, you'll notice that the wireless card doesn't work, but you can bring it up using the Linux ndiswrapper utility.
First you'll need to copy the Windows XP .inf and .sys driver files for the wireless card from the ASUS CD supplied with the machine (or from ASUS's support site) into your home directory. Once you've done that you need to blacklist the non-functioning Madwifi drivers on the machine to prevent them from loading and interfering. Open the blacklist file for editing using gedit /etc/modprobe.d/blacklist then add the lines:
blacklist ath_pci blacklist ath_hal
Then save and close the file and reboot the machine.
And finally add the ndiswrapper module to the kernel with modprobe ndiswrapper
Now you'll have a working wireless card, but the bad news is that with the ndiswrapper driver it is not capable of being put in to monitor mode or carrying out packet injection. For this you'll have to wait for a native Linux driver fromMadwifi that supports the AR5BXB63. According to Madwifi forums, such a driver is under development and could be released at any time. If you need this functionality straight away then you'll have to fork out for a USB wireless adapter, such as the Alfa AWUS036S or the D-Link DWL-G122 version C1, which has suitable Linux drivers that can be patched to enable injection. Alternatively, if you are feeling brave, you could open up the Eee PC to access the PCI Express slot inside, and replace the existing AR5BXB63 wireless card with one which uses a wireless chip for which suitable Linux drivers do exist.
Assemble Your Tools
The last step in building your portable security device is installing your open source security tools, which you can get from a variety of places. Most are available as pre-compiled packages from Ubuntu's repositories, which you can access with the Synaptic Package Manager apt front end, accessed from Ubuntu's desktop through the System»Administration sub-menu. The Eee PC's 7" screen can make it hard to see which buttons need clicking for installation, but this is just about the only fault with the device.
What you choose to download is up to you, but a suggested minimum security toolbox might include:
- Nmap for scanning
- Ettercap for packet sniffing/intercepting
- Wireshark for packet sniffing
- Aircrack-ng suite for wireless auditing, access point detection and password analysis/cracking
- Metasploit 3 for framework for penetration testing
- John for offline password testing
- Hydra for online password testing
- Kismet for network access point detection
With the exception of Metasploit 3 and Hydra, all these packages are available from Ubuntu repositories through Synaptic.
In the coming weeks we'll be taking a look at some of the tools mentioned above, and how you can use them to help maintain the security of your network.