OpenWIPS-ng: open source and modular Wireless IPS
OpenWIPS-ng is an open source and modular Wireless IPS (Intrusion Prevention System). It is composed of three parts:
- Sensor(s): “Dumb” devices that capture wireless traffic and send it to the server for analysis. They also respond to attacks.
- Server: Aggregates the data from all sensors, analyzes it and responds to attacks. It also logs and alerts in case of an attack.
- Interface: A GUI that manages the server and displays information about the threats on your wireless network(s).
– A wireless card capable of monitor mode
Development software (build-essential package on Debian/Ubuntu based distro):
– Openssl development package
– sqlite3 (development package)
Libpcap installation on cygwin
1. Install Winpcap 4.1.1 or higher (http://winpcap.org)
2. Close any open Cygwin shell
3. Open a new Cygwin shell and run the following to install it on Cygwin:
cp Lib/*.a /lib
cp -R Include /usr/include/pcap
# The following should return the path to these files
# and usually it is /cygdrive/c/WINDOWS/system32/
git clone https://github.com/aircrack-ng/OpenWIPS-ng.git
cd OpenWIPS-ng
sudo make install
Edit the configuration file /usr/local/etc/openwips-ng/openwips-ng-server.conf
openwips-ng MONITOR_MODE_INTERFACE SERVER_IP SERVER_PORT LOGIN PASS
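A wrapper for the sensor command line above, as an added example that is not part of OpenWIPS-ng: it checks the interface mode, server address and port, and reads LOGIN and PASS from a private file so they stay out of shell history. The function names and the two-line credential file layout are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight checks for the sensor command line shown above.
# Assumption: the credential file holds LOGIN on line 1 and PASS on line 2.

valid_port() {                       # decimal, 1-65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {                       # dotted quad, each octet 0-255
    case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

cred_file_is_private() {             # regular file, no group/other permission bits
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

read_creds() {                       # sets SENSOR_LOGIN and SENSOR_PASS
    cred_file_is_private "$1" || return 1
    SENSOR_LOGIN='' SENSOR_PASS=''
    { IFS= read -r SENSOR_LOGIN; IFS= read -r SENSOR_PASS || true; } < "$1"
    [ -n "$SENSOR_LOGIN" ] && [ -n "$SENSOR_PASS" ]
}

in_monitor_mode() {                  # needs the iw utility
    iw dev "$1" info 2>/dev/null | grep -q 'type monitor'
}

start_sensor() {                     # usage: start_sensor IFACE SERVER_IP SERVER_PORT CRED_FILE
    in_monitor_mode "$1" || { echo "$1 is not in monitor mode" >&2; return 1; }
    valid_ipv4 "$2"      || { echo "bad server IP" >&2; return 1; }
    valid_port "$3"      || { echo "bad server port" >&2; return 1; }
    read_creds "$4"      || { echo "$4 must be private (chmod 600) and hold LOGIN and PASS" >&2; return 1; }
    # Argument order as on the page. PASS is still a positional argument, so keep
    # the sensor host single-purpose: local users may be able to read process argv.
    exec openwips-ng "$1" "$2" "$3" "$SENSOR_LOGIN" "$SENSOR_PASS"
}

if [ "$#" -eq 4 ]; then start_sensor "$@"; fi
```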