Sniff Wi-Fi

Since I'm typing this during the intermission of the U.S. Hockey team's attempt to upset the heavy favorites for the gold medal, I thought I'd appropriate the famous line from the Miracle on Ice 30 years ago for today's blog headline. After analyzing the security of the in-flight WiFi offering six months ago, it's time to revisit the GoGo offering and discuss why it really makes things safer for the data security on airplanes as a whole. Gogo is an airplane-based Internet WiFi service available from several airline carriers on flights across the continental United States. Gogo is a fee-based service that costs $30 for a 30 day pass (which I am grateful for due to having four cross-country Delta trips in a twelve day period) or $13 for a single day pass (handheld devices get a $5 discount on the daily price). Gogo security is what could be described as borderline negligent in a typical WiFi guest access environment. Essentially, they are mainly protecting themse

At the risk of sounding like a flip-flopper , I have to reassess my previous post about Airpcap. I was doing some sniffing on a few flights recently and I realized that there are some pretty nice things about CACE Technologies' signature product. Nine days ago, I was frustrated. After using Wireshark to view WiFi packet dumps from KisMAC for years, I thought that I was finally being upgraded to first class. I had my Airpcap NX, my CACE Pilot and a few days off from my real work to finally become the acolyte of the open source sniffing movement that I've always wanted to be. (O.K., not really.) I spent my time with the CACE Tech Triumvirate and at every turn I became more and more angered. Every standard sniffing activity seemed three steps harder and two times slower than it should have been. Association tracking, retry analysis; you name it. They all were a pain. I finally gave up and wrote a regrettably titled column citing my displeasure with the whole lot of them. I then

I try my best to stick to real WiFi sniffing when doing this blog, but sometimes a new product comes along that is close enough that it deserves a mention. Meraki, the WiFi infrastructure vendor that specialized in cloud-based management of APs, has released a web-based tool called Meraki WiFi Stumbler. It's not a sniffer in that it doesn't capture frames or identify stations, but it does do typical stumbling functions without requiring an installed application, which is unique. Meraki Stumbler is a free, Java-based tool that is available at the Meraki website. It's completely web-based, so you don't need to run a separate application. The app is intentionally simple. It gives you basic 802.11 discovery information like SSID, security, signal strength, BSSID and channel. It does support both the 2.4 GHz and 5 GHz bands, so you'll see and 802.11a/b/g/n APs in the area. The one oddity is that it ostensibly reads signal strength in dB (I'm assuming they mean

With Valentine's Day ( the movie ) tearing up the box office, I had to harken back to the title of last year's early February rom-com  to describe my feelings about WiFi sniffing with Airpcap, CACE Pilot and Wireshark. I really want to like these products because they are inexpensive and ambitious. In the end, however, they are also too rooted in wired analysis. When I'm doing real WiFi sniffing, I'd rather have something that is elegant, reliable and focused on the basic tasks of wireless analysis. Here's my basic analogy based on He's Just Not That Into You and it's ilk: I'm like the typical guy character in those movies. (Now, that means that I run the risk of coming off like an insensitive jerk here, but if that's the risk of writing an honest blog, so be it.) Airpcap is like the frumpy, energetic, unlucky-in-love girl. It's great to have around, but would I want to choose it as my sniffing partner? No. WildPackets OmniPeek is more like An