Sniff Wi-Fi

One of my favorite things to do is teach Wi-Fi, and one of my favorite tools for teaching is Savvius  OmniPeek .  The good folks at Savvius were nice enough to provide OmniPeek for the Wi-Fi classes I oversee at Global Knowledge , and so I want to offer a taste of how OmniPeek can be used to learn about Wi-Fi device behavior, specifically with the iPhone X. Savvius OmniPeek is what I call a hardcore protocol analyzer.  The "hardcore" adjective comes from the fact that OmniPeek encourages the user to view frame (aka "packet") traces.  Non-hardcore protocol analyzers focus on providing statistics and graphs.  I am a big fan of all types of protocol analyzers, but the beauty of OmniPeek is that it offers options for viewing statistics and graphs, while making its frame traces simple to navigate. One of the things I like using OmniPeek for when teaching is illustrating the different ways that Wi-Fi devices and APs use the 802.11 standard.  An example is what happen

Everybody likes high Wi-Fi speeds.  Because high Wi-Fi speeds mean that the channel is being used more efficiently ( often false ).  An efficient channel means that there's more available throughput ( only in sterile test environments ) and more available throughput means that more users can be supported concurrently ( completely wrong ). Unfortuantely, high Wi-Fi speeds sometimes  ( all the time )  come at a cost.  To get higher Wi-Fi speeds, wider channels must be used ( which makes the Wi-Fi suck ).  Using wider channels means that fewer channels will be available ( plus it ups minimum RSSI requirements, which just about guarantees a bad design ).  It is therefore essential that wireless professionals analyze the environment and carefully choose whether to use 40 MHz or 80 MHz wide channels ( or they could stop wasting everyone's time and just stick to 20 MHz channels ). But this blog post isn't about choosing the correct channel bandwidth ( although it should be, b

Clickbaitttttttttt! "Three Essential Tools"...  Brilliant!  Years ago, I would've been embarrassed to have such a click-baity headline.  No longer. Why the change, you ask?  I don't know.  It could be that I'm in the Money stage of my career.  (You see, I relate most things in life to pro wrestling.  A pro wrestler's career has three stages: Titles, Money and Legacy.  When you're young and you don't know any better, you want titles.  Being " Intercontinental Champion " [or, in the case of an IT guy, " Network Administrator "] fulfills you.  Management takes advantage of that by underpaying people who are in the Titles stage.  Once someone reaches the Money stage, they are no longer impressed by titles.  "You want to make me Intercontinental Champion?  Great.  What's my paycheck?"  The final stage is the Legacy stage, which most of us never reach.   The Rock is in the Legacy stage.  He has won titles and he has mo

Chatty smartphones have been an issue for years.  Whether you're concerned with security or performance  (or both), the amount of Probing being done by unconnected iPhones, Galaxies and the like has been worrisome.   Today, things have changed.  Smartphones don't Probe as much.  This is probably for the better, but there could be a catch. I'm an Apple guy.  Even when I was using PCs in college (things were different back in the 90's , I tell ya), it was always because they were free.  Once I finally had to buy a computer, I went straight to the very first iBook in 2001.  I own an iPod, iPad, iPhone and MacBook Air.  My next computing purchase will probably be an iMac (to better record those promised-but-not-yet-delivered online training videos on WiFi that I touted six months ago).  So, I like the company.  And I like bashing its competitors sometimes.  (Not my most magnanimous trait, but nobody's perfect.) I liked pointing out that Google's Android ope

Yours Truly has been worried about the future of WiFi sniffing.  Yours Truly worries about the people (they seem to prefer site surveyors) the software (AirMagnet has yet to support 802.11ac adapters) and the methods (WildPackets has been pushing AP-based capture).  To a person who believes that portable WiFi sniffing is essential for optimizing WiFi performance, it is all very disconcerting.   And yet, there is hope.  WiFi sniffing is ready to step into the 802.11ac/Internet of Everything era, and here is how it can be done. WildPackets OmniPeek has long been the author's favorite WiFi sniffer, but it only runs on Windows.  For years and years and years that was fine.  There were always a few Windows-compatible WiFi adapters that worked great with OmniPeek.  Now, however, WildPackets has gone in a different direction.  They are promoting WiFi sniffing via an AP (which often results in a worthless capture ) and saying that they don't expect USB-based capture to be viable

My love for WildPackets OmniPeek may be one of the few things in technology that exceeds my love for the iPhone... Now that I've run off 20% of my audience, let's talk about how the former can be used to figure out if the latter is causing a problem. I have a lot of enemies in life, and I'm proud of that.  In my opinion, part of being an adult is recognizing who your enemies are.  UCLA football players are my enemy when they play college football.  Drivers who text while stopped at green lights are my enemy when I am running late.  (No comments from the peanut gallery on that one, GT Hill .)  And deductive reasoning is often my enemy when troubleshooting. Deductive reasoning is oh so tantalizing.  It's simple math; A + B = C.  The WLAN works (C) when VoFi handsets (B) connect to my APs (A).  If I switch out the VoFi handsets for SIP-based iPhones (thus changing the value of B) and the WLAN stops working, then the iPhones must be at fault.  Right?  Wrong.

It's a rough world out there, folks.  The economy stinks (or, is great if you live in western North Dakota), finding love is harder than ever (or, easier than ever if you use online dating) and WiFi bandwidth is scarce (or, plentiful if you use the 5 GHz band).  Into this quagmire wades the Google Chromecast.  A cheap ($35 USD), little (about the size of an e-cigarette case) gadget that allows you to mirror your smartphone/tablet/computer screen to your television.  If you want to feel like a member of the 1% (at least, the top 1% of WiFi spectrum consumers), this is the gadget for you. Reviews, tutorials and takes on Google's Chromecast are plentiful, so let's skip that.  On this blog we don't care whether people like the gadget.  We care about what the gadget does to the WiFi.  Does it suck up bandwidth?  Is it chatty during down times?  Does it interfere with existing networks? Let's take the first question last ( Charles Van Doren voice).  The Chromecast w

A bunch of WiFi vendors made presentations at the Wireless Field Day events a couple of weeks ago, and the one that piqued my interest the most (at least in a positive way) was WildPackets'.  The WildPackets OmniPeek software can now sniff 802.11ac traffic, with a catch.  The catch?  It only sniffs single streams 802.11ac traffic.  Is that a useful thing? First things, first: In order to sniff 802.11ac traffic, you need a AE6000 (Linksys Wireless Mini USB Adapter AC 580 Dual Band)  adapter.  (And if you decide to buy one and want to support this blog, you can use that link to Amazon.) The AE6000 adapter is a single stream 802.11ac adapter with a Ralink chipset.  WildPackets is developing a driver for the Ralink chipset and demonstrated the AE6000 in action.  The expectation is that it will be a month or two before the OmniPeek drivers for the AE6000 actually get released, but I bought one so that I'm ready. Being able to sniff 802.11ac traffic may be great, but the eve

WildPackets has a sizable discount for OmniPeek Professional right now if you bundle it with three OmniWiFi 802.11a/b/g/n 3-stream USB adapters.   WildPackets OmniPeek has long been my favorite WiFi sniffer, and the OmniWiFi USB adapter is currently my favorite capture device.  So getting a package of OmniPeek Pro with three OmniWiFi adapters at a $900 discount would seem to be an awesome deal, right?  Sort of. There are several versions of WildPackets OmniPeek , and for the most part the more expensive versions add features that are far more useful for wired sniffing than for wireless sniffing.  One look at the OmniPeek comparison chart reveals that the Compass screen and roaming testing are the only features that could possibly maybe justify a WiFi person spending $3,000 (discounted to $2,400 as part of the deal referenced above) on OmniPeek Pro rather than $1,200 on OmniPeek Basic. Compass is nice , and if you have a relatively large budget for WiFi sniffing software, then

As long time readers of this blog might know, WildPackets OmniPeek has been my favorite WiFi sniffer for nearly a decade.  Then I found out about WildPackets' OmniWiFi 3-stream 802.11n USB adapter and I fell even more in love.  Now I learn that OmniPeek 7.5 has added wireless features to the Compass screen.  A good product has been made better (though time will tell if it lasts). First, OmniWiFi: The fact that different 802.11n devices have different capabilities is one of those things that sometimes flies under the radar.  The standard may say 600 Mbps, but just on the Apple website one can buy 802.11n devices with maximum rates of 65 Mbps (iPhone 4S), 150 Mbps (iPad Mini), 300 Mbps (Macbook Air 2012) and 450 Mbps (Macbook Pro 2012). 450 Mbps WiFi devices are the ones that give WiFi pros trouble because so many sniffing tools fail to capture 450 Mbps traffic.  The popular (at least with Wireshark devotees) AirPcap NX from Riverbed, the beloved (at least by yours truly) D-Lin