
Wireless traffic analysis: what is recommended?

Based on research, I am finding that the AirPcap NX model (provided by Riverbed Technology), which integrates with Wireshark, is a possible option to analyze wireless traffic; however, when reaching out to Riverbed Technology, the response is that AirPcap is no longer available. What have others found to be effective for wireless traffic analysis with Wireshark? Is there another option similar to AirPcap?

secureHIT
asked 2020-12-02 16:38:51 +0000

1 Answer


MacBooks or Linux systems are typically the way to go. 802.11 capture on Windows is difficult.

  • Even if you can get AirPcap hardware, the performance is very limited for current capabilities in the market
  • There are commercial solutions - Omnipeek, Metageek, and others that can do some 802.11 capture on Windows
  • This is a professional tool for analysis and capture
  • Microsoft has some tools, but most (all?) are end of life: Network Monitor and Message Analyzer.
  • Hardware-based systems exist, too. Most enterprise-grade Wi-Fi can do packet capture, and for low-cost hardware, you could try Mikrotik products as they have some capabilities for OTA capture (over the air). There are other vendors with hardware systems - I bet Fluke has something.
  • Npcap claims support for 802.11 capture on Windows but frankly it really doesn't work
  • Embedded Linux tool that can be used for capture - send data to Wireshark on Windows via SSH
Bob Jones
answered 2020-12-02 18:08:58 +0000

Comments

Great summary @Bob_Jones!

I guess the question is what are you trying to accomplish with your WiFi capture? There are many tools and software out there that perform different things.

For example, some tools are better at creating a "heat" map to show WiFi signal strength throughout a space. Others are more tuned to WiFi performance and throughput. And there are still others focused on capturing packets for protocol analysis.

Once you know what type of WiFi capture you need, the tool becomes easier to define.

Amato_C (2020-12-02 20:25:10 +0000)

Thank you Amato_C and @Bob_Jones for your insight and guidance. In terms of forensic analysis for a wireless network or WiFi network, what tool is recommended for GPS location of where the radiofrequency breach is originating from? In reaching out to the company that provides the recommendation @Bob_Jones refers to as a professional tool, I am not receiving a response in regard to the forensic analysis capabilities. Amato_C, are you aware of a tool that has the aforementioned capabilities that are sought?

secureHIT (2020-12-05 19:25:21 +0000)