Showing posts from January, 2010

Sniffing on a Mac

I got a question from a reader (Steve) about sniffing on a Macbook. It's a pretty simple subject, so I figured I'd address it here as well.

Steve's email was in response to my previous post on sniffing possibilities for the upcoming Apple iPad. He asked if I'd used VMWare Fusion or any other virtualization software on a Mac OS X notebook so that I could run professional-grade WiFi sniffing software like WildPackets OmniPeek or AirMagnet WiFi Analyzer.

My answer was that, unfortunately, virtualization software is not a good option when it comes to sniffing. The basic problem is that for WiFi sniffing to work, your wireless adapter has to be put into monitor mode. That means having access to the drivers for your adapter (and, in most cases, changing them). When you use virtualization software to run Windows you lose your ability to access external network interfaces (such as the USB, PC Card or ExpressCard WiFi adapters that are typically used for sniffing). I've nev…

Sniffing WiFi and the iPad

How could I not? With every technology writer (and some non-tech writers) from here to Marrakesh covering Apple's latest miracle how could I not post something about how the iPad may affect those of us who sniff WiFi for a living? Well, here's a few things about WiFi analysis and the iPad to consider given what we know about yesterday's introduction and the current capabilities of the iPodTouch/iPhone.

All commentary about the iPad and WiFi sniffing should be prefaced by noting how ambivalent veterans of WiFi surveying and analysis must be about this thing. On the one hand, it's exactly what we've always wanted. It's thin, it's light, it has a touch screen, its batter lasts forever and it has horsepower. That's basically what we've always wanted out of previous generations of tablet computers that have always come up short in one or more of those areas. The problem is that it runs the iPhone OS instead of a real (read: multitasking) OS. Why, Apple? W…

Heeere's MiFi... Sniffed!

A while back I wrote about how much I liked the Verizon MiFi 2200 mobile hotspot (made by Novatel). I also wrote that, due to the fact that my girlfriend liked it even more than I did, I would have to wait to sniff the MiFi to see how it uses WiFi. Well, I finally got a chance to sniff the MiFi, and it turned out to be a pretty ordinary access point with the exception of one little oddity that shows up in its Beacons.

In my initial writeup of the MiFi I covered basic operation, the connection experience and a few GUI configuration options. What I didn't cover was the sniffing.

When I did finally sit down to sniff the MiFi I got a little bit lazy. I could've booted my notebook into Windows XP and ran WildPackets OmniPeek like a good boy, but instead I decided to stay in Mac OS X 10.6 (Snow Leopard) and run KisMAC 0.3. For those that may have missed my earlier writeup on using KisMAC, the complete setup is as follows:

-OS: Mac OS X 10.6
-Sniffer: KisMAC 0.3
-Protocol Analyzer: Wiresh…