Sniff Wi-Fi

Wi-Fi is a technology used around the world and we, as Americans, respect all cultures and creeds.  That said, occasionally we like to celebrate ourselves (NSFW, as if the title didn't make it obvious): Unfortunately, America has been behind the times in Wi-Fi.  No longer!  We now have motherf*#king 2.4 GHz channels 12 and 13. This blog has a rigid rule to avoid politics, so I'll phrase this as apolitically as I possibly can: from January 20, 2009 to January 19, 2016, America's wireless authority -- the Federal Communications Commission (FCC) -- repeatedly authored rules that damaged Wi-Fi.  In 2010 the FCC banned Wi-Fi on channels 120 through 128, in 2014 the FCC messed up channels 52 through 144 by requiring additional dynamic frequency selection (DFS) scanning and in 2016 the FCC declined a proposal by satellite phone provider Globalstar to allow 2.4 GHz channels 12 and 13 to be used for "terrestrial, low power services" (TLPS), which just so happen t

Clickbaitttttttttt! "Three Essential Tools"...  Brilliant!  Years ago, I would've been embarrassed to have such a click-baity headline.  No longer. Why the change, you ask?  I don't know.  It could be that I'm in the Money stage of my career.  (You see, I relate most things in life to pro wrestling.  A pro wrestler's career has three stages: Titles, Money and Legacy.  When you're young and you don't know any better, you want titles.  Being " Intercontinental Champion " [or, in the case of an IT guy, " Network Administrator "] fulfills you.  Management takes advantage of that by underpaying people who are in the Titles stage.  Once someone reaches the Money stage, they are no longer impressed by titles.  "You want to make me Intercontinental Champion?  Great.  What's my paycheck?"  The final stage is the Legacy stage, which most of us never reach.   The Rock is in the Legacy stage.  He has won titles and he has mo

Nine months ago (bad way to start a blog post, I know) I wrote a blog about the future of WiFi sniffing .  In the comments section (perhaps the only worse thing for a blogger to say), someone mentioned a free, Windows-based application called Acrylic WiFi .   I briefly checked out the app and dismissed it as yet another Discovery utility disguised as a something more.  Then I actually used Acrylic WiFi and...  it works!  It sniffs WiFi frames (sort of) and it does it for free (outside of the cost of an ordinary 802.11 USB adapter)!  This changes everything (kind of)! For years, the method for free WiFi sniffing on a Mac has been simple.   Head down to the bottom of this post for a reminder. Now, we can do similar things in Windows.  It's not quite as simple and it's not totally free, but it works (pretty much). 1. Download and install  Acrylic WiFi Free , including Monitor Mode support (and, actually, if you can find an old download of Acrylic v1, then you'll be a

QoS the packets of iPad ,  and all through the air  not a station was Probing, not even a hair When suddenly on to my Wireshark screen Appeared Video, Voice and Background, it seemed "But alas", I exclaimed, as I looked at the MACs This is only one tablet, not a bushel or stack To the standard I looked, to decipher the meaning And to you, dear reader, I offer this gleaning The standard in question is dot11e and the goal of its authors was to keep the air free from clutter like YouTube and Facebook or Twitter that might cause your voice conference to lag and/or jitter But remember, dear sniffers, we're still talking WiFi A world where each access point, smartphone and MiFi makes its own way to the channel or not deciding on rates, QoS and the lot So take heed if your WiFI must work for those apps that users just love but treat admins like saps a smartphone may say, "this packet is Voice" but the AP may reply, "Best Effort; no choice"

I’ve seen a lot of 802.11 amendments in my day.  From speed (ac) to security (i) to voice (e), a lot of those amendments have done great things.  But 802.11v isn’t going to be one of them.  One look at an iPhone’s (iOS 7 iPhone, that is) 802.11v capabilities shows that the dream of Wireless Network Management delivering client control is still just that: a dream. It has long (well, for a dozen years or so) been a desire of WiFi admins to have more control of client/stations.  Control over which AP the client will connect to.  Control over what signal strength (or signal-to-noise ratio [SNR] or error % or BSS density) will trigger client roaming.  Control over which Final Fantasy character they will assume at that weekend’s LAN party.  (I know virtually nothing about video games, so feel free to make dumb jock jokes at yours truly’s expense.) For about half as long, WiFi admins have had hope for client control on the horizon: 802.11v.  The wireless network management (WNM) amen

Quiet when standing still; active when moving.  That is the way that WiFi devices should treat Probe Requests.  Android devices (at least, Android devices that act like yours truly's Samsung Galaxy Tab 2) probe the right way .  After doing a quick test on the iPhone 5, it appears that Apple has their devices probe based on movement as well. Apple iOS devices have a terrible reputation in some WiFi circles.  The author has heard complaints about mobility, stickiness, throughput capabilities and just about anything else under the sun.  Heck, just today an article was published decrying the throughput ( WHO CARES? ) limitations of of the new MacBook Air (not iOS, but still Apple) was viral'd around the web. To check to see if the iPhone 5 matches the probing behavior of an Andoid device, I associated the iPhone to the office network on channel 36/+1 and started a capture on channel 44/+1.  Then I got up from my chair and started walking around while continuing to use the iPho

Oh, those darned iPhones. Can't live with 'em, can't keep your job without 'em. The vagaries of iPhones and other station devices are the most difficult part of managing a WiFi network, but there are some things that can be done on the infrastructure to try to make your stations work better. One of those things is lowering your AP transmit power to a level that more closely matches your client station's transmit power.  My main man G.T. Hill (of Ruckus Wireless ) recently wrote a blog post discussing why this post is bullshit. Now I'm going to tell you why his blog post is bullshit. (sorry, G.T.) G.T.'s primary point is that is is borderline mentally handicapped (politically correct term) to turn your AP's power down. His theory is that even if your client stations transmit at low power levels, having a high AP power level at least allows the from-AP data rates to stay as high as possible. (G.T. goes on to add that most traffic is downstream, th