Sign up to save your podcasts
Or
Share CTS 102: Capturing Wireless Frames
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CTS 102: Capturing Wireless Frames
François and Rowell discuss their experiences capturing wireless frames for analysis and what tools they used to do it.
This episode is sponsored by Metageek
Capturing Wireless Frames
It’s one of my favorite things to do. Capture wireless frames anywhere there’s a wireless network present. I know. I’m a boring guy. But I can’t help taking a look. In this episode on capturing wireless frames, we go over our favorite tools and apps which help us solve real world problems.
Why should you capture frames? If you want to learn how wireless works, then you need to start diving into frames. That’s how you’ll learn exactly what you need to know by seeing how it works. It’s perfect for learning any of the CWNP certifications and especially for the CWAP. By looking at wireless frames, you’ll begin seeing how wireless devices and access points talk to each other and acquire the shared medium.
Another reason for capturing wireless frames is to perform analysis. There may be an issue that’s hard to solve and requires wireless frame analysis. This could be as simple as finding out a device does not negotiate the same parameters as the BSS. Or maybe you’re trying to find out what could be slowing down wireless for every other device.
It’s the old saying, packets never lie. But in this case, frames never lie!
You can capture wireless frames on any platform such as MacOS, Windows, and Linux. When it comes to the platform of choice, we prefer to use MacOS. By default, you can place the MacOS wireless adapter in promiscuous mode. This mode is used to capture all frames, even those not destined to the host. By utilizing an app such as Airtool, it’s possible to fine tune a frame capture down to parameters such as the channel, channel width, payload or no payload, etc.
Then with Wireshark, the analysis can be performed.
In the episode, François and I speak about our experiences in using frame analysis. I bring up a situation where Skype calls kept dropping but the issue was really a consumer level device trying to take up most of the airtime. There are other examples also described in the episode.
Here are some screenshots of different applications of frame capture and analysis.
Links and Resources
* What are radiotap headers
* Windows Network Monitor 3.4
* Eye P.A. Coloring Rules
* Mojo Packets
* Airtool
* Wireshark
* Omnipeek
* AirPcap NX
View all episodes
4.7
6262 ratings
François and Rowell discuss their experiences capturing wireless frames for analysis and what tools they used to do it.
This episode is sponsored by Metageek
Capturing Wireless Frames
It’s one of my favorite things to do. Capture wireless frames anywhere there’s a wireless network present. I know. I’m a boring guy. But I can’t help taking a look. In this episode on capturing wireless frames, we go over our favorite tools and apps which help us solve real world problems.
Why should you capture frames? If you want to learn how wireless works, then you need to start diving into frames. That’s how you’ll learn exactly what you need to know by seeing how it works. It’s perfect for learning any of the CWNP certifications and especially for the CWAP. By looking at wireless frames, you’ll begin seeing how wireless devices and access points talk to each other and acquire the shared medium.
Another reason for capturing wireless frames is to perform analysis. There may be an issue that’s hard to solve and requires wireless frame analysis. This could be as simple as finding out a device does not negotiate the same parameters as the BSS. Or maybe you’re trying to find out what could be slowing down wireless for every other device.
It’s the old saying, packets never lie. But in this case, frames never lie!
You can capture wireless frames on any platform such as MacOS, Windows, and Linux. When it comes to the platform of choice, we prefer to use MacOS. By default, you can place the MacOS wireless adapter in promiscuous mode. This mode is used to capture all frames, even those not destined to the host. By utilizing an app such as Airtool, it’s possible to fine tune a frame capture down to parameters such as the channel, channel width, payload or no payload, etc.
Then with Wireshark, the analysis can be performed.
In the episode, François and I speak about our experiences in using frame analysis. I bring up a situation where Skype calls kept dropping but the issue was really a consumer level device trying to take up most of the airtime. There are other examples also described in the episode.
Here are some screenshots of different applications of frame capture and analysis.
Links and Resources
* What are radiotap headers
* Windows Network Monitor 3.4
* Eye P.A. Coloring Rules
* Mojo Packets
* Airtool
* Wireshark
* Omnipeek
* AirPcap NX
More shows like Clear To Send: Wireless Network Engineering
View all
This Week in Tech (Audio)
3,011 Listeners
Security Now (Audio)
1,981 Listeners
Planet Money
30,734 Listeners
Freakonomics Radio
32,071 Listeners
Heavy Networking
326 Listeners
Smashing Security
314 Listeners
Darknet Diaries
7,921 Listeners
CISO Series Podcast
190 Listeners
RUCKCast
5 Listeners
The Art of Network Engineering
84 Listeners
Cyber Security Headlines
128 Listeners
Huberman Lab
28,531 Listeners
Heavy Wireless
11 Listeners
The Industrial Wi-Fi Shop Podcast
1 Listeners
Packet Protector
6 Listeners