When an wireless access point wants to advertise its available networks, it sends out 802.11 beacon frames. These frames are seen by other 802.11 receiving radios, and if you can capture those frames, you can use CloudShark’s Wireless Networks tool to see all of the wireless networks (named with their SSIDs) nearby.
Alternatively, when Wifi stations come online, they may send out a frame called a “Probe Request”. An access point can respond to these requests with a “Probe Response”.
Ever since the folks at Aerohive decided to integrate HiveManger NG with CloudShark, we’ve been excited to play around see what exactly we can learn from looking at packet captures from wireless networks. So, naturally, our CloudShark dev and support guru Tom was happy to jump on it when we got some of their Access Points here at CloudShark.
Our network is a bit tricky, since our sister product CDRouter is busy testing all sorts of broadband routers and wireless APs with their networks on, so he brought it out of the noise and tested it at home for a night.
Now that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?
We wanted to put together a list of some of the resources that have helped us get started learning about the 802.
This challenge is complete! Try it yourself or scroll to the solution below.
It’s been awhile since we’ve had a good old fashioned packet capture challenge here at CloudShark. In preparation for our upcoming webinar on packet capture and analysis in wireless networks, we thought we’d throw out a challenge involving a would-be malicious attacker trying to gain access to a secured wifi network.
The Challenge Take a look at this capture.
Wireless networks are the most ubiquitous type of network modern IT departments need to deal with. There are many tools for troubleshooting them, but what happens when you need to go to the packet level? How do you capture at the point you need, and how do you get those captures to a place you can analyze them?
Join the CloudShark team as we show you:
Performing packet captures on Meraki and OpenWRT based devices, and using their native CloudShark support to upload to a CloudShark Appliance Organizing those captures in CloudShark Collaborating using CloudShark’s web-based analysis environment Watch the video.
The developers over at Kismet Wireless just released an packet capture app for Android devices that lets you use an external USB wireless adapter to capture layer 2 wireless LAN traffic and store in pcap format. How cool is that? The best part is, they’ve also built a handy CloudShark Uploader for Android as well!
When you have performed a capture using Android PCAP, you can then use the Android Cloudshark Uploader to directly upload your captures from your Android device to CloudShark.