Showing posts from 2012

Back To Basics (Again)

The hot topic in WiFi nowadays is high density (HD), and for good reason.  It seems you can't swing a dead cat anymore without hitting some place (concert hall, convention center, tourist trap) where there's an attempt to offload cell phone data onto a WiFi network.  The most interesting thing about HD WiFi to yours truly is that it's the same fundamentals we've always known about, just recycled. If you were one of the lucky (unlucky?) ones to work in WiFi during its more formative years, you may have been taught certain basic concepts about WiFi.  For the author, fond memories still remain of sitting an Enterprise WLAN Administration course way back in 2003 (taught by noted Massachusetts Yankees fan David Westcott ) as part of my preparation for the certified wireless network administrator ( CWNA ) exam. What did Mr. Westcott teach us lo these many years ago? Plan out your space alternating between channels 1, 6 and 11 in the 2.4 GHz band. If APs are spaced t

What's New In the WiFi for iPhone 5

Yay, a new iPhone!   So sayeth me, my relatives (one of whom will receive my old iPhone), California (who will receive 8.75% in sales tax on the FULL UNLOCKED PRICE of the phone because California has a ludicrous sales tax law that taxes the pre-discount price of mobile phones) and anyone else who has been waiting for the iPhone to finally support 5 GHz WiFi.   But wait, there's more.  The iPad has long supported 5 GHz 802.11n WiFi, but the iPhone 5 does the iPad one better.  How?  Read on, amigos. Though Apple's most popular iOS device, the iPhone, has eschewed 5 GHz WiFi until iPhone 5, iOS-based access to 5 GHz channels (numbered 36 through 165) has been available in every iPad model. The iPad has always been 802.11n, which is good.  But the WiFi adapter in the iPad has always supported the bare minimum 802.11n , which is bad.  (Specifically, 65 Mbps Data Rate bad.)  This meant that an iPad is going to take about three times as much channel time as a MacBook Pro (whi

Testing Mobility with OmniPeek: Isolating the Station's Traffic

WildPackets OmniPeek has long been my favorite WiFi sniffing software, but lately this blog has been short on posts about it.  That needs to change.  So today I start a multi-part series (number of parts to be determined) on how I use OmniPeek to help me plan for and troubleshoot mobile devices. Mobility (defined here as seamless roaming between WiFi access points [APs]) is a longstanding enterprise WLAN issue that has kind of taken a back seat to supporting personal devices (a.k.a. BYOD).  For many enterprises, mobility remains important.  Car dealerships with push-to-talk handsets, warehouses with barcode/RFID scanners and retail locations with point-of-sale terminals are all examples of locations that require user devices to move around a large area without dropping connections, losing speed or experiencing choppy service. The solution to supporting mobility is to make sure that APs have adequate overlapping coverage without interfering.  It sounds simple, and it is.  But it

Mighty iPhone Power Ranges

Oh, those darned iPhones. Can't live with 'em, can't keep your job without 'em. The vagaries of iPhones and other station devices are the most difficult part of managing a WiFi network, but there are some things that can be done on the infrastructure to try to make your stations work better. One of those things is lowering your AP transmit power to a level that more closely matches your client station's transmit power.  My main man G.T. Hill (of Ruckus Wireless ) recently wrote a blog post discussing why this post is bullshit. Now I'm going to tell you why his blog post is bullshit. (sorry, G.T.) G.T.'s primary point is that is is borderline mentally handicapped (politically correct term) to turn your AP's power down. His theory is that even if your client stations transmit at low power levels, having a high AP power level at least allows the from-AP data rates to stay as high as possible. (G.T. goes on to add that most traffic is downstream, th

Here's One Eye P.A. That Won't Give You Bowel Cancer

You say you like WiFi Sniffing? And having fun? And not succumbing to a painful demise due to liver sclerosis? Well, then there's only one product pronounced eye-pee-ay for you: Metageek's new visual protocol analyzer, Eye P.A. Amid all of our divisions over race, gender, religion and whether the Champions Bowl is going to be better than the Rose Bowl, we can agree one one thing: products named after alcohol are great . So you can imagine my excitement when I was made aware that Metageek -- hero to Windows users , villain to Mac users  and tease to iPad users  -- had introduced a WiFi sniffer. Metageek is known 'round these parts ("round these parts" being, "in my opinion" ) as being a proprietor of low cost, attractive WLAN analysis tools. InSSIDer is the best active site surveying utility I've seen for Windows. The WiSpy/Chanalyzer combination is my spectrum analyzer of choice. (And I'll just choose to ignore the iPad tease that has been

Worthless Capture

You're never gonna sniff again Faulty packets got no meaning Though it's easy to pretend I know I'm not a fool Oh, how I want to sing those lyrics . To whom, you ask? Why, to Cisco Clean Air access points. Also, AirMagnet Enterprise sensors, Aruba Air Monitors and anything else that offers me a careless whisper worthless capture. Unlike WHAM! , distributed WLAN analysis is in. It seems that nowadays I can't swing a dead cat without hitting someone who is proud as punch of their system of distributed sensors that does something (spectrum analysis, intrusion detection, frame capture) cool. Distributed sniffing (meaning frame capture) or spectrum analysis does have its uses. If you need to find a rogue AP, identify a denial of service attack or get a general overview of your RF environment, systems like Cisco CleanAir, Fluke AirMagnet Enterprise and Aruba AirWave RAPIDS can all be useful. The problem is that these products are often used for more than that. An

How to set up OmniPeek to analyze Phones on a WLAN

Blogger's stats are telling me that yesterday was the most-trafficked day in the history of this blog, and as much as I want to credit Titanic's 100 year anniversary, I have to think it is because of my most recent blog post. That post showed how I used WildPackets OmniPeek to analyze the damage that unassociated smartphones can do to a WLAN. This follow-up is just a quick tutorial on how I set OmniPeek up to do that analysis. In order to follow the same steps I did to analyze smartphone activity on a WiFi channel, you'll need a licensed version of WildPackets OmniPeek (Basic, Professional or Enterprise will do) and an 802.11a/b/g/n WiFi adapter that is compatible with OmniPeek. I used OmniPeek Enterprise with a Cisco-Linksys WUSB600Nv1 adapter. To start, insert the WiFi adapter (if necessary) and open OmniPeek. Click the  New Capture  button to bring up the Capture Options window. Next, click the 802.11  link on the left hand side of the screen and select the Scan  ra

Phones On A WLAN

Enough is enough! I have had it with these motherf*cking smartphones on this motherf*cking WLAN!   - Neville Flynn, played by Samuel L. Jackson in Snakes on a Plane   (paraphrased)  Oh, if only our wireless networks could be saved from smartphones by a foul-mouthed constable. Instead, we have to deal with them. I've done a bit of sniffing recently in an attempt to figure out how much damage a roving smartphone actually does and it led me to a radical conclusion. At halftime of a Los Angeles Clippers game a few months ago, I had the occasion to speak with someone who works with the Staples Center WiFi network. He was unable to share too many details for security reasons, but one thing he did share were the problems Staples Center has with smartphones.  When people attend a sporting event, thousands of WiFi-enabled smartphones are brought into a large open space. The Staples Center WiFi guy told me that the WLAN infrastructure shows that thousands of Ad-Hoc networks

Windows and Wireshark: Still Searching for the (Free) Answer

There is an old joke in the IT world that software is like sex: you'll need support after you buy it.  Actually, the punchline to that joke is usually, "it's better when it's free." The problem is that the latter punchline fits poorly in the world of WiFi sniffing. The stuff you pay for really is a lot better. That said, a lot of people like to use free software whenever possible, and for Mac OS X and Linux users, there are some decent free WiFi analysis tools out there. For Windows users, however, the search goes on (and on, and on, and on...). Long time readers of this blog may be aware that I prefer commercial WiFi sniffing software when doing real work. But free WiFi sniffers do have a place . If you are trying to learn about the technology, troubleshoot your own personal WiFi device or study for a CWNA / CWSP / CWAP certification exam, then you'll probably want some protocol analysis software but you probably won't want to pay a lot of money fo

WiPry Spectrum is Great, but it's All About the iPad

We all know that the iPad is great. We watch video on it, we play games on it and we can view our  Twitter feeds  on it (which, really, is where we get  all important news ). The only problem is, I could never do any work on it. The fact that Apple doesn't allow the internal WiFi radio to be used as for protocol analyzer software, site survey software or spectrum analyzer software always bugged me. Now, thanks to Oscium's WiPry-Spectrum , a spectrum analyzer is available, and boy does it show why the iPad is the ideal form factor for WiFi field work. Oscium is a company that I was unfamiliar with up until I happened upon their website while searching the web for iPad apps, and there is a reason for that. They are a company that makes device testing tools, not WiFi analysis tools. Luckily, those interests overlap. People who test devices need spectrum analyzers, and so do people who sniff WiFi. In this case that leads to a beneficial crossover, though there are some ways in

Using AirMagnet to Analyze Voice Over WiFi

Mice in beer bottles , cold hands and supporting VoIP applications. These are a few of a wireless admin's least favorite things. And while this blog is the wrong place to look for solutions to two of those problems, here are some things to look for when evaluating software that lets you talk. Voice over WiFi is a topic that yours truly has written about before , but never in any real detail on this blog. Part of the reason is that the previously linked whitepaper was something less than a performance for the ages, and part of the reason is that VoFi is still a ways away from being a pervasive technology. Over the last few weeks the need to use VoFi software has arisen, and now is as good a time as any to describe how WiFi analysis software can be used to sniff out (pun not intended. Seriously. That word that is also in the name of this blog WAS TOTALLY ACCIDENTAL AND WITHOUT ANY INTENT AT  SELF-PROMOTION AT ALL.) which VoIP application is best. The two applications I

How Do I Know (If It Really Links Me)?

The darned computer (or phone, or tablet) won't connect. We've all been there, and we've all wondered what the heck the problem is. Here's a quick way (using an OS X 10.7 [Lion] Macbook Air with Wireshark) to start yourself on the road to figuring out why. Last week I put out a call for blog topic suggestions and my man Keith Parsons made the fine suggestion of going through some tips for troubleshooting using Mac OS X. I think that is a good idea, so here is a little bit on troubleshooting connection problems on my (and the unemployed screenwriter industry's) favorite operating system. If you understand 802.11 protocols , then troubleshooting connection problems can be done at an extremely low level. When your (or the people you support's) WiFi connection seems to be unavailable for no reason, you can look at the frames being sent to see if things are going the way they're supposed to. When working with a Mac, I use Wi-Fi Diagnostics (an OS X Lion-on