Posts

Wireless Analysis Resources

Image
Wireless traffic capture and analysis can be a tricky business and is often seen as something of a dark art to newcomers to the world of Wi-Fi. There are a huge variety of options when considering how to capture wireless traffic over the air, with many of the solutions being paid-for options that may be out of reach for many individuals. Many people approaching wireless analysis may already be familiar with Wireshark, based on their previous experience on wired networks, where they may have used it for troubleshooting and analysis purposes.  They may wonder if they can use Wireshark for their initial foray into wireless analysis.  Using Wireshark for wireless capture and analysis on Wi-Fi networks can be a little tricky and presents the newcomer with a whole new slew of frame types to learn. There are many good articles, videos and podcasts out there looking at wireless analysis, particularly if Wireshark is your tool of choice. I thought it would be good to pull them together

Metageek Wi-Spy Air Review

Image
In this article, I take a look at the recently released Metageek “Wi-Spy Air” wireless analysis module and its accompanying “Air Viewer” smartphone application. Metageek supplied me with a beta unit a couple of months ago to help with some initial testing of the product. I’ll take a look at some of the features of the product, together with some observations of my testing of the product to date. Fig 1: Spectrum Analysis in Air Viewer (Smartphone (Landscape)  Screenshot) Background Having the right tool for the job when supporting Wi-Fi networks is essential. Those tools may come in many shapes and sizes, with each having its place depending on the task at hand. Whichever tool is chosen, it needs to be  “professional” grade to ensure it can provide the depth and quality of data required to support the mission critical infrastructures that Wi-Fi networks have become. To date, professional wireless tools for both IOS and Android smartphones have been thin on the ground (in my e

The Windows WMM User Priority Issue - A Fix?

Image
There is a known issue with Windows clients when it comes to marking applications for QoS over wireless. In short, even if a Windows client application is configured to use DSCP 46 (EF), for example to mark voice traffic, it will translate this over the air to to use a layer 2 UP value of 5, rather than 6. This means that it will end up in the Video WMM queue rather than the Voice queue that we’d like. This has an impact on traffic prioritization over the air and could have a negative impact on our high priority traffic. This has been an issue that people have just “lived with” for quite a while, but I suspect there is a solution to this issue. I’m “putting this out there” for feedback as I can’t find any information about others using this technique. I’d like feedback from my peers to understand if the approach is viable or anyone else has used/tried it Background Generally in my articles, I like to provide plenty of background information about a topic to encourage others to rese

WLANPiShark: Wireless Capture With a WLANPi on Windows

Image
*** Note this article is out of date. Please use the information on this page until I get this artcile updated:  https://github.com/WLAN-Pi/WLANPiShark2 *** One huge advantage that Apple Mac users have over owners of Windows 10 machines is the ability to perform a native 802.11 wireless packet capture direct from their built-in wireless NIC. This is extremely useful for wireless pros who want to take a quick over-the air-capture into Wireshark to analyze traffic for troubleshooting purposes. Windows users don’t have the luxury of this native wireless capture capability. In this article, we take a look at how we can use a WLANPi unit as an adapter to capture traffic over the air, straight into Wireshark on a Windows machine. With the WLANPi being powered from the USB of the laptop, this is a super convenient, portable and powerful capture method that gets Windows users a little closer to the capabilities of their cousins on Apple Macs. Background I’ve always felt really bad for

The 5GHz “Problem” For Wi-Fi Networks: DFS

Image
Wi-Fi networking provides us with 2 bands for the operation of wireless LAN networks: the 2.4Ghz band and the 5GHz band. The 2.4GHz band has a reputation of being something of a “sewer” of a band, due to its limited number of usable channels, the number of Wi-Fi devices already using the band, and the high levels of non-Wi-Fi interference that it experiences. Many wireless LAN professionals will generally advise that you put your “important stuff” on the 5GHz band whenever possible. 5GHz has far more channels available, a corresponding lower number of devices per channel, and generally suffers much lower non-Wi-Fi interference. However, beneath the headline of “2.4Ghz = bad, 5Ghz = good”, there lurks a shadowy figure that can be troublesome if you’re not aware of its potential impact: DFS. Background Wi-Fi networks operate in areas of RF spectrum that require no licence to operate. This is in contrast to many other areas of the radio spectrum that generally require some form of (p

802.11 Roaming Variations Cheatsheet

Image
I recently saw a very interesting post from Gjermund Raaen  about Fast Secure Roaming, where he discusses OKC and 802.11r. This reminded me of some roaming issues I had recently observed with OKC myself, which got me looking up information to refresh my memory on a variety of roaming methods and standards. While looking in to the issue, I came across a classic blog post from Andrew Von Nagy about 802.11 roaming. It provides a superb summary of various roaming and security methods. I've read the post several times in the past, but thought that I would really benefit from a summary of its content to act as a memory jogger, rather than reading through the whole document again. For me, things get a little hazy when I start trying to remember the intricacies of the differences between EAP session resumption, PMK caching, OKC and PMK. To save myself some time for the next time I go through this loop, I put together a summary (Cheatsheet) of the content of the roaming variations

Updated White Paper on Licence-Exempt Spectrum in the 5GHz band for Wireless LANs in the UK

Image
For the past few years, I've maintained a white paper on the use of the 5GHz spectrum for Wi-Fi networks here in the UK. As Wi-Fi text books tend to focus on the spectrum available in the USA, I put this document together to clarify how 5GHz spectrum may be used in the UK. Following the release of a Voluntary National Specification document by Ofcom in August 2017 ( VNS 2030/8/3 ), additional channels became available for use in the UK on 5GHz. As we now have additional spectrum, it's time for an update to my white paper to detail the new spectrum that is available. Prior to updating the white paper, I published a summary sheet that shows the new spectrum allocation. This can be obtained obtain from my previous blog article:  UK 5GHz WLAN Spectrum Allocation (August 2017)  (this is definitely one to print off and laminate). I have now completed my updates to the white paper, which I am pleased to share with you now. Note that in addition to adding the new spectrum det