Pinterest Stumbleupon Whatsapp
Ads by Google

wi-fi security softwareWhen most people think of network security, they think of people sitting up in the computer rooms deep inside corporate headquarters, sifting through thousands of computer assets on networks stretching across the entire globe. Not many people consider monitoring a network as something that is really important in a home setting.

In reality, monitoring the health of your home network is an important safeguard against both network intruders as well as viruses and malware. Most people have installed antivirus software The 10 Best Free Anti-Virus Programs The 10 Best Free Anti-Virus Programs Read More these days and if you’ve been paying attention to the advice of MUO writers, then you’re also aware of how important it is to scan for and clean up adware, spyware and other nasty assorted applications How To Remove Computer Viruses At Home For Free How To Remove Computer Viruses At Home For Free Read More .

However, there is one additional step you can take to ensure that all devices on your home network are healthy and secure, and that is running a regular network security audit on your home network. This is especially true on a Wi-Fi network, where it is far more likely that you may pick up hitchhikers and hijackers within your local community.

Monitor Your Network With Nmap

One of the simplest Wi-Fi security software apps you can use to keep an eye on your Wi-Fi security and network is Nmap. Nmap is actually short for “Zenmap”, which is the title of the app that you’ll see once you install it. This program is a fast and efficient way to scan your entire network. It can be used to conduct a security analysis on one device that you know is on your network, or it can scan an entire range of IP addresses to search for security vulnerabilities on any device.

wi-fi security software

You can see at the top of the main window that there is a field for the “target.” This is the IP address of the device or devices that you want to scan. One of the difficulties of monitoring for unknown devices that are on your network without permission is knowing what the IP address of those devices are. One way to make identifying hijackers much easier is by defining only a range of IP addresses in your router. This way, any computer that connects to your network must have one IP within a range.

Ads by Google

You can do this by going to your router admin panel, clicking on network setup, enabling DHCP and enabling a range of IP addresses to lease out to new devices. In the example below, I’ve started at 192.168.1.100 and allowed for only 50 IP addresses (up to 192.168.1.149).

wifi security audit

Once you do this, you will know what range of targets to scan to look for any surprises on your network. Getting back to Zenmap, if you do want to analyze an individual device, just type the IP address in the target field. Under “Profile“, you can choose what level of scan you want the software to conduct. “Intense Scan” is obviously more thorough, or you can just do a ping to see what devices are live, or a list of other scans as shown here.

wifi security audit

An intense scan gives you a whole lot of information about a device. It’ll do a port scan and tell you what ports are open on that computer or server, what services are running, what operating system and other software is running, and a whole lot more. This is a brilliant way to see whether or not there are any surprises. If any viruses get installed on your machine and open up a new port to start relaying spam, this scan will pick up on it even if your antivirus software didn’t.

wifi security audit

In the ports/hosts tab, you can see a visual display of all ports that are open, their state, protocol, and the service that’s using the port.

wi-fi security

Click on the “Host Details” tab, and you can see a summary display of scanned properties for each host. This can really come in handy when you have a very slow Internet connection and want to see what’s eating up all of your bandwidth. You may be surprised to discover that a device has an odd port open with some unknown service reaching out over the Internet through that port.

wi-fi security

A far more popular use of this software is as a regular network scanner for maintaining a network. You can scan the entire range of IP addresses you’ve defined in your router, and the software will go through each IP, one at a time, and conduct a full scan on each device. You can define a range by using the CIDR style of addressing. In the example below I used /24 numbits to have the software scan 256 hosts starting at 192.168.1.1.

wi-fi security

Once the network scan is done, all active hosts on the network will show up on the list to the left. Keep an eye out for any surprises showing up on your Wi-Fi network. You can click on each host device, and the scan results for that device will show up in the Nmap Output display on the right.

In my opinion, one of the coolest features of this software is the Topology display, which will give you a graphical representation of all of the devices on your network, as well as the security level represented by the scan results. You can right-click on the host node and select to see more details about it.

wi-fi security software

For regular routine monitoring and maintenance of your home or small business network, this wi-fi security software is a must-have. At the very least, it’ll give you the peace of mind of knowing exactly what’s on your network and what sort of activity is going on, utilizing your precious bandwidth.

Give Nmap a try. Did it uncover anything interesting going on in your network? Share your experiences with using it in the comments section below.

  1. Anonymous
    August 20, 2011 at 2:28 pm

    Brilliant - thanks for the recommendation Ammon! And also for pointing out that NMAP is valid for Unix or Mac users as well, that's great.

  2. Marmello
    August 11, 2011 at 10:02 pm

    I suggest you scan the whole ip range (192.168.1.0/24), no only the one you defined to be leased by DHCP. I someone detects which of the reserved network ranges you are using at home - and the bets are on the one from the factory settings - any address manually picked within the range can "talk" seamlessly with the rest of the computers.

    • Marmello
      August 11, 2011 at 10:05 pm

      (please forgive my mistakes)
      I suggest you scan the whole ip range (192.168.1.0/24), not only the one
      you defined to be leased by DHCP. If someone detects which of the
      reserved network ranges you are using at home - and the bets are you are using the factory settings - any address manually picked within the
      range can "talk" seamlessly with the rest of the computers.

  3. Bk201
    August 11, 2011 at 9:02 am

    Nmap isn't a complete security suite for wireless, as the article tries to establish. Other things to take into account are your wireless security protocol (WPA2), length of password and randomness of password. People shouldn't be on your network in the first place to check your ports. If they are, you've lost half the battle already. Oh yeah, and thumbs up to the previous 2 comments.

    • Anonymous
      August 20, 2011 at 2:27 pm

      Again - I only wanted to use it for wireless security, nothing else. If it came across that I was promoting it exclusively for that purpose alone - my apologies.

  4. Guest
    August 11, 2011 at 3:12 am

    And Nmap is not a "wi-fi security auditing" tool, it's a network port scanner (with a lot of functionality).  It can be used on any network, wired or wireless.

    • Anonymous
      August 20, 2011 at 2:26 pm

      Thanks for the corrections! And I know the software can be used for more than just Wi-Fi, but the article was focused on how you can use it to audit your Wi-Fi network. While I realize it shouldn't be called "wi-fi network auditing software", I called it such because that's all I wanted to use it for.

      However, you make a valid point that it can be used for much more than just that purpose.

  5. Guest
    August 11, 2011 at 2:20 am

    Nmap is not short for Zenmap, rather Network Mapper. While there has been a GUI for Nmap since 1999, Zenmap was not added until 2007.

Leave a Reply

Your email address will not be published. Required fields are marked *