Archive for the ‘OmniPeek’ Tag

CWAP Beta Course – Day 2

Today was the 2nd day in the CWAP (Certified Wireless Analysis Professional) beta course.  Today’s material was a lot more hand-on / lab type exercise in capturing and analyzing traffic.  From what I could tell, there were three main tools used by the course attendees:

They all seem to have their pros and cons, and they all seem to cost about the same amount of money (especially if you want to do multichannel packet capture on ~3 channels).  Which tool do you prefer?  Why?

The course contains an enormous amount of detail, such as the exact length (in microseconds) for slot times for each PHY type as well as a discussion on the application of that detail (i.e. how do the different slot times affect WLAN performance with and without QoS enabled).

Again, I thought one of the most valuable things were the networking opportunities with the other attendees and the sidebar conversations.  A colleague (and good friend) of mine, Ken Hall, was even inspired to sign up for a Twitter account (@wifiscubaguy) to continue the interaction outside of this course / classroom.  His account will definitely be on my next list of #WirelessWednesday mentions.

Tomorrow is the last day of the course.  From what I know, we are covering a lot of 802.11n concepts, as well as spectrum analysis, which should be a blast.

Adventures in Capturing Wireless Packets

Just a quick FYI for those *true* WiFi packet analysis junkies out there – I installed OmniPeek Professional 5.1.4 on my HP 6910 laptop.  The software “works” with embedded Intel wireless NIC, but reports invalid data rates for 802.11n traffic.

The work around that I came too was to purchase a 3rd party, dual-band 802.11n USB adapter that has a supported API within the OmniPeek software.

I also have an AirPcap Nx device from CACE Technologies that I like *very* much – USB form factor that allows for wireless packet capture in Windows.  AirPcap integrates directly into Wireshark, which is nice since I “grew up” taking wireless captures in Lib PCAP format under Linux and looking at them in Ethereal.