Latest Posts From COMMUNICAONE
<strong#x3E;“WiFi Shark-Fu” - Practical Wireless Analysis.</strong#x3E; March 7, 2019Presentation from Wireless LAN Professionals Conference 2019 on using Wireshark for practical wireless packet analysis. If you are interested in troubleshooting wireless, studying for the CWAP exam, or just want to learn about 802.11, watch this video.
<strong#x3E;Options for wireless packet captures in Windows.</strong#x3E; January 23, 2019In Windows, you cannot effectively analyze wireless frames, because you are unable to put the wireless NIC in "RF Monitor Mode" - that is the mode in which the wireless NIC can see ALL 802.11 frames in the air, not just ones intended for itself.
Historically, it's been an expensive proposition. There are some great tools out there like OmniPeek (which I use), the gold standard for Windows packet analysis. And for years, AirPcap Nx was the main NIC folks used for pcap'ing WLANs with Wireshark. Unfortunately, both options are pricey. And the AirPcap NX is no longer manufactured. You’d be lucky to find a used one on eBay. Linux and MacOS have been the only ways to cheaply get access to RF Monitor mode without spendy software and hardware, like Omnipeek and the AirPcap Nx.
But, not everyone uses Linux, or macOS. Fortunately, and fairly recently, there are more and more ways to get RF Monitor mode in Windows. Here are some relatively inexpensive options (NOT an exhaustive list) to perform an RF Monitor Mode wireless packet capture in Windows using relatively inexpensive hardware. Here's a list from least to most expensive.
Microsoft Network Monitor How To Write-up ($0 US) by @awalding (May, or may not work.)
Acrylic Wi-Fi Pro ($45) (Plus supported NICs)
@WiFiNigel's blog on how to turn a WLANPi into an external packet capture device for Windows WLANPi can be purchased here. ($75 US)
TamoSoft CommView ($499 US) (Plus supported NICs)
MetaGeek Eye P.A. now supports native Windows Monitor Mode! - (List of supported NICs) ($800.00 US)
OR, you could just get a Mac and do it natively. 😉
If you'd like or learn more about understanfing wireless packet analysis I highly recommend the CWAP (Certified Wireless Analysis Professionals) Study Guide.
Leave a Reply