Showing posts from April, 2012

Worthless Capture

You're never gonna sniff again Faulty packets got no meaning Though it's easy to pretend I know I'm not a fool Oh, how I want to sing those lyrics . To whom, you ask? Why, to Cisco Clean Air access points. Also, AirMagnet Enterprise sensors, Aruba Air Monitors and anything else that offers me a careless whisper worthless capture. Unlike WHAM! , distributed WLAN analysis is in. It seems that nowadays I can't swing a dead cat without hitting someone who is proud as punch of their system of distributed sensors that does something (spectrum analysis, intrusion detection, frame capture) cool. Distributed sniffing (meaning frame capture) or spectrum analysis does have its uses. If you need to find a rogue AP, identify a denial of service attack or get a general overview of your RF environment, systems like Cisco CleanAir, Fluke AirMagnet Enterprise and Aruba AirWave RAPIDS can all be useful. The problem is that these products are often used for more than that. An

How to set up OmniPeek to analyze Phones on a WLAN

Blogger's stats are telling me that yesterday was the most-trafficked day in the history of this blog, and as much as I want to credit Titanic's 100 year anniversary, I have to think it is because of my most recent blog post. That post showed how I used WildPackets OmniPeek to analyze the damage that unassociated smartphones can do to a WLAN. This follow-up is just a quick tutorial on how I set OmniPeek up to do that analysis. In order to follow the same steps I did to analyze smartphone activity on a WiFi channel, you'll need a licensed version of WildPackets OmniPeek (Basic, Professional or Enterprise will do) and an 802.11a/b/g/n WiFi adapter that is compatible with OmniPeek. I used OmniPeek Enterprise with a Cisco-Linksys WUSB600Nv1 adapter. To start, insert the WiFi adapter (if necessary) and open OmniPeek. Click the  New Capture  button to bring up the Capture Options window. Next, click the 802.11  link on the left hand side of the screen and select the Scan  ra

Phones On A WLAN

Enough is enough! I have had it with these motherf*cking smartphones on this motherf*cking WLAN!   - Neville Flynn, played by Samuel L. Jackson in Snakes on a Plane   (paraphrased)  Oh, if only our wireless networks could be saved from smartphones by a foul-mouthed constable. Instead, we have to deal with them. I've done a bit of sniffing recently in an attempt to figure out how much damage a roving smartphone actually does and it led me to a radical conclusion. At halftime of a Los Angeles Clippers game a few months ago, I had the occasion to speak with someone who works with the Staples Center WiFi network. He was unable to share too many details for security reasons, but one thing he did share were the problems Staples Center has with smartphones.  When people attend a sporting event, thousands of WiFi-enabled smartphones are brought into a large open space. The Staples Center WiFi guy told me that the WLAN infrastructure shows that thousands of Ad-Hoc networks