In my previous article, "Five Simple Steps for Securing Your Wireless LAN on a Shoestring Budget," I outlined a few low-cost ways you can harden your 802.11-based wireless systems from snooping eyes. Once you implement those changes, the true test is to see how your airwaves look from a hacker’s eye view. There are several must-have tools that can help you along with this. Keep in mind there’s a bit of knowledge required to operate these tools and interpret their findings but it’s not rocket surgery. All that’s required is a little bit of reading and a little bit of practice to find out where your wireless network is (still) vulnerable.

In addition to a laptop computer, wireless network card (ideally one that has an antenna connection), and an external antenna (I like the Cantenna from cantenna.com), consider adding the following tools to your security testing toolbox.

1. NetStumbler (www.netstumbler.com/downloads) to find out what wireless devices respond to a “hey, anybody there?” request.
2. Kismet (www.kismetwireless.net) to find wireless devices that may not respond to NetStumbler requests, capture packets, and much more.
3. Auditor (new.remote-exploit.org/index.php/Auditor_main) to be able to run Kismet and a ton of other wireless network tools directly from a bootable CD without having to fuss and cuss getting Linux to work with wireless drivers.
4. AiroPeek (www.wildpackets.com/products/airopeek) wireless network analyzer to capture packets, look for top talkers, analyze protocols, and practically anything else wireless-related – all in a very easy-to-use graphical interface.
5. AirMagnet Laptop Analyzer (www.airmagnet.com/products/laptop.htm) for a really nice graphical representation of anything imaginable regarding the 802.11 protocol.
6. AirDefense Mobile (www.airdefense.net/products/admobile) wireless network analyzer for, again, a nice graphical view of wireless systems, network health, device tracking, and more.
7. CommView WiFi (www.tamos.com/products/commwifi) for a great lower-cost wireless network analyzer alternative to monitor the airwaves, capture packets, generate packets (great for wireless packet injection), bandwidth monitoring, and more.
8. SoftPerfect Network Scanner (www.softperfect.com/download) for matching up MAC addresses you find with the tools above to actual live IP addresses connected to your network (major time saver).
9. Aircrack (www.cr0.net:8040/code/network) for cracking WEP keys to find out just how vulnerable this security protocol can be.
10. GFI LANguard Network Security Scanner (www.gfi.com/lannetscan) and QualysGuard (www.qualys.com) for in-depth vulnerability testing of the hosts on your wireless network including workstations, servers, access points, and more.

There are a ton of tools to choose from and these are just the tip of the iceberg. With the exception of the wireless network analyzers (you can choose the one that best suits your needs), you’ll likely need most of these tools and possibly more. This is especially true if you want to get the most detailed picture of your wireless network security and you’re really serious about locking things down. Remember that with a few exceptions, you get what you pay for. That’s understandable though since security, like freedom, is not free.