Posts

Worthless Capture

You're never gonna sniff again / Faulty packets got no meaning / Though it's easy to pretend / I know I'm not a fool. Oh, how I want to sing those lyrics. To whom, you ask? Why, to Cisco Clean Air access points. Also, AirMagnet Enterprise sensors, Aruba Air Monitors and anything else that offers me a careless whisper worthless capture. Unlike WHAM!, distributed WLAN analysis is in. It seems that nowadays I can't swing a dead cat without hitting someone who is proud as punch of their system of distributed sensors that does something (spectrum analysis, intrusion detection, frame capture) cool. Distributed sniffing (meaning frame capture) or spectrum analysis does have its uses. If you need to find a rogue AP, identify a denial of service attack or get a general overview of your RF environment, systems like Cisco CleanAir, Fluke AirMagnet Enterprise and Aruba AirWave RAPIDS can all be useful. The problem is that these products are often used for more than that. An...

How to set up OmniPeek to analyze Phones on a WLAN

Blogger's stats are telling me that yesterday was the most-trafficked day in the history of this blog, and as much as I want to credit Titanic's 100 year anniversary, I have to think it is because of my most recent blog post. That post showed how I used WildPackets OmniPeek to analyze the damage that unassociated smartphones can do to a WLAN. This follow-up is just a quick tutorial on how I set OmniPeek up to do that analysis. In order to follow the same steps I did to analyze smartphone activity on a WiFi channel, you'll need a licensed version of WildPackets OmniPeek (Basic, Professional or Enterprise will do) and an 802.11a/b/g/n WiFi adapter that is compatible with OmniPeek. I used OmniPeek Enterprise with a Cisco-Linksys WUSB600Nv1 adapter. To start, insert the WiFi adapter (if necessary) and open OmniPeek. Click the New Capture button to bring up the Capture Options window. Next, click the 802.11 link on the left-hand side of the screen and select the Scan ...

Phones On A WLAN

Enough is enough! I have had it with these motherf*cking smartphones on this motherf*cking WLAN! - Neville Flynn, played by Samuel L. Jackson in Snakes on a Plane (paraphrased). Oh, if only our wireless networks could be saved from smartphones by a foul-mouthed constable. Instead, we have to deal with them. I've done a bit of sniffing recently in an attempt to figure out how much damage a roving smartphone actually does and it led me to a radical conclusion. At halftime of a Los Angeles Clippers game a few months ago, I had the occasion to speak with someone who works with the Staples Center WiFi network. He was unable to share too many details for security reasons, but one thing he did share was the problems Staples Center has with smartphones. When people attend a sporting event, thousands of WiFi-enabled smartphones are brought into a large open space. The Staples Center WiFi guy told me that the WLAN infrastructure shows that thousand...

Windows and Wireshark: Still Searching for the (Free) Answer

There is an old joke in the IT world that software is like sex: you'll need support after you buy it. Actually, the punchline to that joke is usually, "it's better when it's free." The problem is that the latter punchline fits poorly in the world of WiFi sniffing. The stuff you pay for really is a lot better. That said, a lot of people like to use free software whenever possible, and for Mac OS X and Linux users, there are some decent free WiFi analysis tools out there. For Windows users, however, the search goes on (and on, and on, and on...). Longtime readers of this blog may be aware that I prefer commercial WiFi sniffing software when doing real work. But free WiFi sniffers do have a place. If you are trying to learn about the technology, troubleshoot your own personal WiFi device or study for a CWNA / CWSP / CWAP certification exam, then you'll probably want some protocol analysis software but you probably won't want to pay a lot of money fo...

WiPry Spectrum is Great, but it's All About the iPad

We all know that the iPad is great. We watch video on it, we play games on it and we can view our Twitter feeds on it (which, really, is where we get all important news). The only problem is, I could never do any work on it. The fact that Apple doesn't allow the internal WiFi radio to be used for protocol analyzer software, site survey software or spectrum analyzer software always bugged me. Now, thanks to Oscium's WiPry-Spectrum, a spectrum analyzer is available, and boy does it show why the iPad is the ideal form factor for WiFi field work. Oscium is a company that I was unfamiliar with up until I happened upon their website while searching the web for iPad apps, and there is a reason for that. They are a company that makes device testing tools, not WiFi analysis tools. Luckily, those interests overlap. People who test devices need spectrum analyzers, and so do people who sniff WiFi. In this case that leads to a beneficial crossover, though there are some w...

Using AirMagnet to Analyze Voice Over WiFi

Mice in beer bottles, cold hands and supporting VoIP applications. These are a few of a wireless admin's least favorite things. And while this blog is the wrong place to look for solutions to two of those problems, here are some things to look for when evaluating software that lets you talk. Voice over WiFi is a topic that yours truly has written about before, but never in any real detail on this blog. Part of the reason is that the previously linked whitepaper was something less than a performance for the ages, and part of the reason is that VoFi is still a ways away from being a pervasive technology. Over the last few weeks the need to use VoFi software has arisen, and now is as good a time as any to describe how WiFi analysis software can be used to sniff out (pun not intended. Seriously. That word that is also in the name of this blog WAS TOTALLY ACCIDENTAL AND WITHOUT ANY INTENT AT SELF-PROMOTION AT ALL.) which VoIP application is best. The two applicatio...

How Do I Know (If It Really Links Me)?

The darned computer (or phone, or tablet) won't connect. We've all been there, and we've all wondered what the heck the problem is. Here's a quick way (using an OS X 10.7 [Lion] MacBook Air with Wireshark) to start yourself on the road to figuring out why. Last week I put out a call for blog topic suggestions and my man Keith Parsons made the fine suggestion of going through some tips for troubleshooting using Mac OS X. I think that is a good idea, so here is a little bit on troubleshooting connection problems on my (and the unemployed screenwriter industry's) favorite operating system. If you understand 802.11 protocols, then troubleshooting connection problems can be done at an extremely low level. When your (or the people you support's) WiFi connection seems to be unavailable for no reason, you can look at the frames being sent to see if things are going the way they're supposed to. When working with a Mac, I use Wi-Fi Diagnostics (an OS X Lion-on...