Detecting vulnerabilities in the WLAN with Wifislax

Guardian Angel

Article from Issue 173/2015
Author(s):

Modern WiFi installations provide comfort, but they often have serious security problems. Wifislax offers an extensive collection of tools for checking the security of your wireless network.

WLANs are extremely popular. A wireless LAN is flexible and easy to set up, and the current standards see wireless networks achieving data transfer rates that were the domain of wired LANs until a few years ago. A misconfigured WLAN, however, can open up the floodgates to attackers, so a close look at the configuration is definitely worthwhile. The Wifislax Linux distribution comes with a preinstalled collection of the best WiFi security tools.

Live Application

Wifislax [1] boots to a GRUB screen in Spanish. If you do not speak Spanish, first go to the Change to English menus entry to make things a little easier. You now have to choose one of two kernel versions: The Run with 486 kernel option is recommended for older hardware. If the computer uses a modern multicore CPU, you can select the Run with SMP kernel option. GRUB does not start the actual operating system immediately afterwards but instead provides various desktops (KDE and XFCE) in another screen and secure modes without ACPI, X Server, or with VESA graphics driver. The actual system only starts after you select one of these options.

At first glance, the Wifislax desktop menu structure does not have any special features other than the subgroups Wifislax and Updaters. However, on closer inspection of the submenus, it becomes apparent that the developers dropped all the ballast from the operating system that does not contribute to the distribution's actual focus. In other words, GIMP, LibreOffice, and Thunderbird, along with other standard programs, are missing from the multimedia sector. Major online applications such as email clients, instant messaging clients, and messenger services have also been removed. However, the scope of programs varies depending on your work environment: KDE integrates some of its many desktop-specific programs, which are completely missing under XFCE.

Installation

You might wish to install Wifislax on your hard drive, because Live mode is a little slow. The Wifislax Installer QT graphical interface dumps the system onto your hard disk in just a few steps. To launch the installer, choose the System menu and select Install Wifislax. The installer interface automatically sets up the desktop environment used for Live operations; however, no localization is provided, so be ready to navigate the installation in Spanish (Figure 1).

Figure 1: Up to now, the project has not provided any localizations for the simple installer, which is only available in Spanish.

Another gripe that emerges during the installation is the complicated preparation of the mass storage. The interface does not let you install the distribution on a previously partitioned hard disk. Instead, you need to first delete all the existing partitions using System | GParted and create new partitions.After a reboot, you can trigger the installation by activating the graphical interface again and clicking Siguiente (Next) to continue. The installer asks which hard disk and partition it should store the system on. After selecting a disk and partition, start the installation by clicking Copiar. A progress bar shows the installation progress.

When the interface outputs the message Operacion finalizada (operation completed), switch to the boot manager configuration by clicking Siguiente again. You can launch the boot manager by clicking Ejecutar GRUB Config (Run GRUB configuration). The Ncurses program gives you a working GRUB 2 boot loader in just a few steps.

After another reboot Wifislax will boot from the hard drive. The distribution's good equipment level, with driver modules even for exotic hardware, stands out positively: Wifislax supports most WLAN cards and external USB WLAN sticks with proprietary firmware drivers.

The Basics

Wifislax focuses on analysis tools and forensic software for wireless networks, and this also includes dedicated network hardware such as routers. The goal is to identify and eliminate vulnerabilities in the configuration. In doing so, the distribution not only takes into account the configuration of the firewall, individual services, or the encryption used, but also the security of passwords and authentication mechanisms.

Wifislax provides countless programs for these applications – most of them run in the terminal, but some also provide a graphical interface. For command-line-based software, Wifislax runs the program in a terminal window. You can start the application with the appropriate options.

Make sure to first clear a small obstacle out of the way before production: The software natively knows only the Spanish and US keyboard layouts; if you need any other layout, you will need to enable it. To do so, click on the flag in the panel the bottom right and, from the menu that appears, select the Properties entry. In the dialog that appears, click on the Add button in the Keyboard layouts: field and then select a layout (Figure 2).

Figure 2: By default, Wifislax only knows the US and Spanish keyboard layout; however, you can add additional options thanks to the configuration interface.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Wifislax 4.6

    Almost every wireless LAN has some potential security weaknesses. The Wifislax Slackware derivative helps detect and eliminate them.

  • SystemRescueCd

    If you accidentally delete data or format a disk, good advice can be expensive. Or maybe not: You can undo many data losses with SystemRescueCd.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News