Sniff Wi-Fi

Readers of this blog may have noticed that my frequency of blogging has waned in 2011, so it's time for some self-motivation. I'm going to start a series of blog posts titled, "Three Things I Like" and apply to all sorts of WiFi (and possibly even some non-WiFi) topics. I'm going to start with a darned good WiFi sniffer, Fluke Networks' AirMagnet WiFi Analyzer. AirMagnet WiFi Analyzer from Fluke Networks has long been the leading WiFi protocol analyzer by market share . It has also long been one of my favorite tools to use when helping others learn about WiFi. Here are three things that I like about AirMagnet WiFi Analyzer. Pre-made device filters.  When you navigate to the Infrastructure screen (fourth icon from the left in the navigation menu that sits in the far lower left hand corner of the screen), any time you click on an access point (AP) or station, the software immediately starts showing you statistics on frames that are traveling to or from

Last Sunday I took a flight equipped with Gogo in-flight WiFi so that I could work in an office with guest WiFi. The difference in security was stark, and Gogo should make changes to fix their poor (and, in my opinion, negligent) WiFi security. Gogo in-flight WiFi  is a service that I've blogged about before, but I feel compelled to mention it again because the security problems I complained about a year and a half ago are still there even as hacking knowledge and applications have grown. To recap Gogo's poor security design: Open System authentication with no encryption is used for Gogo's WiFi security. This means that applications like Firesheep  allow hackers to do sidejacking attacks, like the one that seems to have been performed on Ashton Kutcher recently.  Captive Portal authentication is used to charge passengers for Internet access. This means that anyone who knows how to spoof a MAC address  (link is for XP, but the same can be done in Vista/Win7 via the N