OmniPeek for the Masses?

When I think of WildPackets OmniPeek, I think of a WiFi sniffer made for highly specialized work. Lately, however, I've found that people who are new to sniffing often seem to like it more than higher profile sniffers like Wireshark and AirMagnet WiFi Analyzer.


On the surface, AirMagnet WiFi Analyzer and Wireshark each have a distinct edge over WildPackets OmniPeek in attracting novice users. AirMagnet has a very nice interface and Wireshark has a very nice price (free). That's why I'm sometimes hesitant to tout OmniPeek to newbies. I feel like I'm telling them about something that is probably out of their price range, and then even if they did buy it they'd have to spend a few weeks learning how to really use it.

I got a new perspective on things when I was working at a large industrial company last week. They have a policy banning rogue APs and ad-hoc networks and I had a small test bed set up for my work. On the fourth day that I was there (and you'd have to ask them why it took 4 days for the admins to finally notice that I had WiFi set up) I was having a delicious grilled chicken sandwich at my desk when one of their admins came in with a Fluke OptiView asking if we had any ad-hoc WiFi running. I told him that we might and then I started running WildPackets OmniPeek. Sure enough, one of the guys I was working with had an ad-hoc network set up. I showed the admin the ad-hoc network and then we used the Locate function in OmniPeek to track it down.

The admin's Fluke OptiView could have done the locating just fine, so the really interesting part came when the folks I was working with returned from their lunch break. I told them the story of the admin coming in looking for ad-hoc networks and they became curious about OmniPeek. To this point I had only been using Wireshark and AirMagnet with them; again, figuring that OmniPeek wasn't their speed. When I showed them OmniPeek, they immediately wanted more. Even though these guys had little use for viewing packet traces or filtering by 802.11 protocol, they loved the fact that OmniPeek at least gave them the option to do those things in ways that were easier and more intuitive than the applications we had been using.

I still maintain my position that Wireshark (strictly because it's free) is best for recreational sniffing and that AirMagnet is easiest for basic professional sniffing in most settings. Still, this experience made me re-think things a little bit. Maybe there are more people than I thought who could use a reasonably priced (about $1,400 for OmniPeek Basic and an 802.11n dual-band capture adapter) WiFi sniffer that lets you get as deep into packet analysis as you want to go.

Comments

  1. Great blog! Must for Wi-fi engineers.
    Looks like Omnipeek Pro is $1000 cheaper than Airmagnet Analyzer. We are debating which one to choose... do you think once you get used to Omnipeek complexity/features this would be a better choice?

    One plus feature in Airmagnet is using Spectrum XT integrated with Analyzer. Not sure if you can integrate with Survey pro?

    We have Cisco spectrum expert but missing a survey integrator.

    Your input would be valuable on these two products.


    Thanks!
    Prasanna
