Posts

Showing posts from March, 2010

DWA-160 Good; 802.11n Bad (Or At Least Annoying)

I am going to have to expand upon this topic in another post somewhere down the road, but 802.11n continues to annoy me. The technology is revolutionary and inexpensive and blah, blah, blah, but it's dang near impossible sniff it! Oh, does this tick me off. And to make matters worse today I finally got to use my D-Link DWA-160 dual-band 802.11n USB adapter with AirMagnet WiFi Analyzer so I really wanted to do some sniffing. Let's start off with the 802.11n thing first. 802.11n is a great technology that increases both the speed and the range (and even the security, in a way) of your WiFi. Unfortunately for people who dabble in WiFi sniffing, 802.11n also makes it virtually impossible to do traditional sniffing. The problem with 802.11n is that with most setups the Data frames going in one direction will be missed. I don't know exactly why this is and I don't know all of the technical reasons behind it, but trust me, it happens. If you set your 802.11n capture to a

Sometimes, 802.11b Just Is Enough

I've mentioned in the past that 802.11b has become a thing of the past for most WiFi networks , but recently I happened upon one of these old boys and it worked great. The episode served as a reminder that sometimes you can use old technology well beyond its expiration date if you put it in the right place. You all know the limitations: 802.11b tops out at 11 Mbps. 802.11b stations sometimes lack support for WPA2 (or even WPA). I've never seen an 802.11b device support Block Acks. And many of the don't even support QoS (which is an underrated way to protect yourself against WEP or PSK cracking, btw). But you also know the benefits: they're cheap as heck! There's another reason besides cheapness that 802.11b remains an enticing choice: Sometimes you don't need the extra speed. In my recent excursion I was using WiFi to access a wireless ISP. Initially I was surprised to see 11 Mbps traffic in my Wireshark (I was too lazy to boot into Windows; what's new?

The Quick and The Filtered

I haven't talked much about AirMagnet products yet on this blog, and that's a shame. AirMagnet (now owned by Fluke Networks) makes some of the best WiFi sniffing products on the market. Their signature product (AirMagnet WiFi Analyzer) is best of breed for field technicians and it has seen some improvements to its hardcore frame analysis features that folks like me crave. Fluke AirMagnet WiFi Analyzer  has long been the top 802.11 protocol analyzer in terms of market share. It has also long been the top 802.11 protocol analyzer for basic WiFi sniffing. And by, "basic," I mean the type of quick, focused sniffing that's needed by field technicians and other folks who are trying to solve identify the cause of typical problems quickly.  Now, I'm no field technician, but I love AirMagnet. The WiFi Analyzer product is great for my writing work (because it's widely used), my teaching work (because it makes it easy to show off 802.11 protocols) and my sniffing

A Pleasant WiSpy Surprise

The WiSpy spectrum analyzer has long made wireless folks feel ambivalent. We love the cheap price and the USB form factor, but we hate the fact that it lacks the device identification capability that you get with the Cisco Spectrum Expert and Fluke AirMagnet Spectrum XT. I've always been one of those folks who tends to think it's worth the money to have a more professional-grade product, but while working at a hotel last week my WiSpy really helped me out. Before I get to my story, I'd like to give a little background on WiSpy. WiSpy is a USB spectrum analyzer from Metageek . I was first told about it about four years ago by Devin Akin , who at the time was the top technical guru for the CWNP Program . When I clicked on the link he sent to my email, I was amazed. Metageek had created a 2.4 GHz spectrum analyzer for $99. Like any good compulsive gadgeteer I ordered my WiSpy shortly thereafter and started playing with it. Unfortunately, it didn't take long for me to