- iwlist wlan0 scanning - returns channel, quality, SSID, bit rates
- sudo iw dev wlan0 scan passive | grep SSID - returns just the SSID
- nm-tool - display a lot of wifi and eth settings
- nmcli dev list | grep DHCP - display only DHCP information
- nmcli con list - list the saved wireless/VPN connections
- nmcli dev wifi - List available SSIDs, connection state, Frequency, Security type and MAC of the AP.
Wireshark
On Linux Wireshark can do captures in "monitor mode" which allows you to capture the management frames that the wifi driver normally removes. This will allow you to see the beacons from the AP or client and is useful in a lot of situations. There are plenty of youtube videos and web pages that explain how to use the capture.To enable monitor mode run this command before you start Wireshark. If your wireless adapter is not WLAN0 you will need to change the command to reflect the correct adapter.
mhubbard@1S1K-SYS76:~$ sudo airmon-ng start wlan0
[sudo] password for mhubbard:
Interface Chipset Driver
mon1 Unknown iwlwifi - [phy0]
wlan0 Unknown iwlwifi - [phy0]
(monitor mode enabled on mon2)
mon0 Unknown iwlwifi - [phy0]
In this case the monitor mode interface is mon2. When you start Wireshark select mon2 as the capture interface.
When you are done capturing run the following to stop monitor mode:
airmong-ng stop mon2
Displaying SSID information
You can get a lot of useful information using iwlist.
iwlist wlan0 scanning
This will return the MAC of the AP's radio, the channel, RSSI, ESSID and Bit Rates.
mhubbard@1S1K-SYS76:~$ iwlist wlan0 scanning
wlan0 Scan completed :
Cell 01 - Address: 84:B8:02:13:43:BF
Channel:36
Frequency:5.18 GHz (Channel 36)
Quality=52/70 Signal level=-58 dBm
Encryption key:on
ESSID:"test"
Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s
Mode:Master
Extra:tsf=0000007b5a22583e
Extra: Last beacon: 75468ms ago
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
sudo iw dev wlan0 scan passive | grep SSID
This will return a list of the SSIDs that the radio can see.
mhubbard@1S1K-SYS76:~$ sudo iw dev wlan0 scan passive | grep SSID
SSID: test
SSID: Belkin.5D98_2GEXT
SSID: NETGEAR55
SSID: Guest
nm-tool
This will return the MAC address of the bluetooth radio and wireless adapter along with the connection state, speed, SSID you are connected to and the IPv4 settings.
mhubbard@1S1K-SYS76:~$ nm-tool
NetworkManager Tool
State: connected (global)
- Device: FC:E9:98:57:E9:D5 ----------------------------------------------------
Type: Bluetooth
Driver: bluez
State: disconnected
Default: no
Capabilities:
- Device: wlan0 [test] --------------------------------------------------------
Type: 802.11 WiFi
Driver: iwlwifi
State: connected
Default: yes
HW Address: E4:B3:18:9F:FD:99
Capabilities:
Speed: 324 Mb/s
Wireless Properties
WEP Encryption: yes
WPA Encryption: yes
WPA2 Encryption: yes
Wireless Access Points (* = current AP)
Guest: Infra, 84:B8:02:13:43:BE, Freq 5180 MHz, Rate 54 Mb/s, Strength 70
*test: Infra, 84:B8:02:13:43:BF, Freq 5180 MHz, Rate 54 Mb/s, Strength 73 WPA2
test: Infra, 84:B8:02:13:43:B0, Freq 2412 MHz, Rate 54 Mb/s, Strength 100 WPA2
IPv4 Settings:
Address: 192.168.10.151
Prefix: 24 (255.255.255.0)
Gateway: 192.168.10.254
DNS: 208.67.220.220
DNS: 208.67.222.222
nmcli dev list | grep DHCP
If you just need your DHCP settings.
mhubbard@1S1K-SYS76:~$ nmcli dev list | grep DHCP
DHCP4.OPTION[1]: | host_name = 1S1K-SYS76.default.domain.invalid |
---|---|
DHCP4.OPTION[2]: | expiry = 1482463402 |
DHCP4.OPTION[3]: | broadcast_address = 192.168.10.255 |
DHCP4.OPTION[4] | dhcp_message_type = 5 |
DHCP4.OPTION[5]: | dhcp_lease_time = 691200 |
DHCP4.OPTION[6]: | ip_address = 192.168.10.151 |
DHCP4.OPTION[7]: | subnet_mask = 255.255.255.0 |
DHCP4.OPTION[8]: | dhcp_renewal_time = 345600 |
DHCP4.OPTION[9]: | routers = 192.168.10.254 |
DHCP4.OPTION[10]: | domain_name_servers = 208.67.220.220 208.67.222.222 |
DHCP4.OPTION[11]: | dhcp_rebinding_time = 604800 |
DHCP4.OPTION[12]: | network_number = 192.168.10.0 |
DHCP4.OPTION[13]: | dhcp_server_identifier = 192.168.10.254 |
nmcli con list (Note: list has been replaced with show. If list returns an error try show. The output is slightly different)
If you want to see all of the WLANs that you have saved. Notice how much information your laptop has on your connections.
mhubbard@1S1K-SYS76:~$ nmcli con list
NAME | UUID | TYPE | TIMESTAMP-REAL |
---|---|---|---|
YHS | d6ace886-c217-4ed8-ac17-bf6e79015c0e | 802-11-wireless | Wed 30 Nov 2016 08:14:07 AM PST |
JUSD-PSK | 70b88ce4-6076-4fa8-813e-f2b672e65671 | 802-11-wireless | Fri 02 Sep 2016 09:12:12 PM PDT |
1S1K-phone | cf206603-2ad1-41c6-a1a6-826d916997e3 | 802-11-wireless | Thu 13 Oct 2016 05:33:48 PM PDT |
ITWiFi | 4152633c-301b-4686-88b4-f329d95eaddc | 802-11-wireless | Tue 13 Dec 2016 03:18:39 PM PST |
Wired connection 1 | a1e63f8e-d28a-4c4f-a1a8-ca8e93e40114 | 802-3-ethernet | Tue 13 Dec 2016 03:16:43 PM PST |
RUSD | a0bd712e-41b9-484a-95f7-d6098e5fba3b | vpn | Fri 18 Nov 2016 12:43:19 PM PST |
Troy's iPhone Network | bd8ca1a1-df3f-4092-96cb-cc22ee6bc868 | bluetooth | never |
This one displays information about the SSIDs that can be seen.
mhubbard@1S1K-SYS76:~$ nmcli dev wifi
SSID | BSSID | MODE | FREQ | RATE | SIGNAL | SECURITY | ACTIVE |
---|---|---|---|---|---|---|---|
'Guest' | 84:B8:02:13:43:BE | Infrastructure | 5180 MHz | 54 MB/s | 70 | -- | no |
'test' | 84:B8:02:13:43:BF | Infrastructure | 5180 MHz | 54 MB/s | 73 | WPA2 | yes |
'Belkin.5D98' | 20:1C:C8:03:24:35 | Infrastructure | 2437 MHz | 54 MB/s | 34 | WPA2 | no |
References
nmcli — command-line tool for controlling NetworkManager
Scripts: Utilize NetworkManager via nmcli instead of managing network connections manually.
RHCSA-Network Flas cards
No comments:
Post a Comment