Sniff Wi-Fi

One of my favorite things to do is teach Wi-Fi, and one of my favorite tools for teaching is Savvius  OmniPeek .  The good folks at Savvius were nice enough to provide OmniPeek for the Wi-Fi classes I oversee at Global Knowledge , and so I want to offer a taste of how OmniPeek can be used to learn about Wi-Fi device behavior, specifically with the iPhone X. Savvius OmniPeek is what I call a hardcore protocol analyzer.  The "hardcore" adjective comes from the fact that OmniPeek encourages the user to view frame (aka "packet") traces.  Non-hardcore protocol analyzers focus on providing statistics and graphs.  I am a big fan of all types of protocol analyzers, but the beauty of OmniPeek is that it offers options for viewing statistics and graphs, while making its frame traces simple to navigate. One of the things I like using OmniPeek for when teaching is illustrating the different ways that Wi-Fi devices and APs use the 802.11 standard.  An example is wh...

The Wi-Fi Alliance announced its next security enhancement today, called WPA3.  The press release touts "four new capabilities", but only one of the four affects practical Wi-Fi security. As they are occasionally wont to do, the Wi-Fi Alliance  announced a new certification today via a press release featuring an artisnal blend of normal words and corporate gobbledygook.  For those who speak fluent corporate gobbledygook, here are the four enhancements of WPA3 : Robust protections even when users choose passwords that fall short of typical complexity recommendations. Simplify the process of configuring security for devices that have limited or no display interface. Strengthen user privacy in open networks through individualized data encryption. A 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems to forther protect Wi-Fi networks with higher security requirements such as gover...

Back in my day, we called it The Corner .  Nowadays, the kids call it The Trap . (WARNING: Very NSFW) The average IT professional may not view Wi-Fi "Design" as being directly analogous to the inner city drug trade.  Yet, when Wi-Fi Professionals go through the process of choosing AP installation locations, they should know what even the most novice  B.G. drug dealer knows: that The Corner is also The Trap. When embarking on a Wi-Fi "Design", some things are obvious.  Coverage is needed everywhere.  The number of available APs must be appropriate for the number of expected Wi-Fi devices.  Physical objects (walls, doors, et al.) should be accounted for. A less obvious part of Wi-Fi "Design" is avoiding Hidden Node problems.  The Hidden Node problem occurs when two or more devices on the same channel A) cannot "hear" each other, and B) can interfere with each other. The reason why Hidden Node is a problem is that Wi-Fi devices rely o...

What does Bluetooth have to do with 5 GHz Wi-Fi?  Nothing.  Bluetooth operates in the 2.4 GHz frequency band. If you look in the right spot, however, Bluetooth can teach you something about 5 GHz Wi-Fi.  Specifically, the Bluetooth 5.0 specification can teach you that Dual 5 GHz access points are a bad idea. This blog's opposition to Dual 5 GHz access points (APs) is not news to long time readers.  The ' Two Radios Are Better Than One (Unless They're Both 5 GHz) ' blog post, which details how Dual 5 GHz APs (like Cisco 3800 Series APs , for example) make enterprise Wi-Fi less stable, is nearly three years old.  Today's re-stating of the pitfalls of dual 5 GHz radio APs is due to something I uncovered while reading about Bluetooth.  I was reading the Bluetooth 5.0 specification in search of anything that might affect Wi-Fi when I happened upon this table: The middle rows of the table is most dramatic, showing that out-of-band RF activity can ...

The vast majority of Cisco Wi-Fi networks can be fixed without having to spend precious time and money on surveying, adding new access points (APs) or moving existing APs.  Here's how. Cisco has some very fine enterprise Wi-Fi products.  Unfortunately, those very fine products often get deployed in a manner that leads to connectivity and performance issues. The following steps take about ten minutes to perform, and will stabilize connectivity and performance for the vast majority of enterprise-class Cisco Wi-Fi networks.  Anything in bold  is something to click or select or check or uncheck or type. 1. Access the Cisco wireless LAN controller (WLC) interface via a web browser. 2. Navigate to WLANs  (menu) -> -> Security  (tab) -> Uncheck WPA Policy  -> Apply NOTE: Wi-Fi Protected Access (WPA) is a Wi-Fi security method that uses temporal key integrity protocol (TKIP) encryption by default.  Using TKIP encryption disables 80...

Wi-Fi is a technology used around the world and we, as Americans, respect all cultures and creeds.  That said, occasionally we like to celebrate ourselves (NSFW, as if the title didn't make it obvious): Unfortunately, America has been behind the times in Wi-Fi.  No longer!  We now have motherf*#king 2.4 GHz channels 12 and 13. This blog has a rigid rule to avoid politics, so I'll phrase this as apolitically as I possibly can: from January 20, 2009 to January 19, 2016, America's wireless authority -- the Federal Communications Commission (FCC) -- repeatedly authored rules that damaged Wi-Fi.  In 2010 the FCC banned Wi-Fi on channels 120 through 128, in 2014 the FCC messed up channels 52 through 144 by requiring additional dynamic frequency selection (DFS) scanning and in 2016 the FCC declined a proposal by satellite phone provider Globalstar to allow 2.4 GHz channels 12 and 13 to be used for "terrestrial, low power services" (TLPS), which just so happen t...

This week's big Wi-Fi news was Ekahau's introduction of the Sidekick , an easy-to-carry, laptop battery-conserving device designed to make Wi-Fi site surveying more elegant.  Unfortunately, it appears to do more to exacerbate Wi-Fi problems than to solve them. What is the number one problem in enterprise Wi-Fi? It surely can't be security.  Security is a hot topic, but Wi-Fi security isn't really a problem anymore.  Even security problems that Wi-Fi gets blamed on -- Pineapple hijacking, Wi-Phishing, man-in-the-middle -- either aren't problems for modern devices & applications, or are problems that extend beyond Wi-Fi. Maybe it's user density?  Or supporting a variety of devices?  Maybe it's connection issues; when moving or when the device is idle for too long? Whatever the answer, chances are it comes down to one overarching issue: different Wi-Fi devices behave differently.  Capacity testing gets done using laptops, then smartphones cause th...