Archive for the ‘wireless packet capture’ Tag

Sharkfest ’09

I admit it, I am getting jealous with all my colleagues Twittering about the RSA Conference this week at the Moscone Center in San Fransisco.  While the idea of heading to RSA hit me too late to make the logistics work, something that I am planning ahead for is Sharkfest 2009.   What is Sharkfest, you ask?  

Sharkfest is a conference dedicated to the optimization of the Wireshark Protocol Analyzer, which is now owned and managed by CACE Technologies. It is a 3 day conference being held near San Fransisco at Stanford University. The official dates for the conference are June 15th – 18th, 2009.  

sharkfest_banner

The conference has three tracks – one for basic users, one for advanced users, and one for developers.  I am pretty sure that you can mix and match sessions from all three tracks.  The cost of the conference is only $695 per person, and each paid attendee gets a free AirPcap Classic adapter ($198 value), which lets you do 802.11 b/g packet capture in Windows, directly through Wireshark. Groups of 3 or more are also eligible for a 10% discount.  

If you have been following my blog, you know that I am a wireless packet junkie.  I am attending Sharkfest with a couple other Principal Technologists from Xirrus.  It looks like they have a great speaker lineup with Mike Kershaw (Kismet creator), Fyodor, Laura Chapell, etc.  Of course, they will have Wireshark engineers and developers on-hand as well.  

If you are interested in registering for Sharkfest, I would suggest doing it soon.  This is the second year for the conference and the conference organizers told me that they are limiting the number of attendees so that it doesn’t grow out of hand too quickly.  As someone who attended the first several Shmoocon conferences, I can tell you that you want to get in on the ground floor.   

Related Posts: 

Advertisements

802.11n Deployment Considerations – Troubleshooting & Analysis Tools

This is the second in a series of 802.11n Deployment Considerations to include cabling, power, system architecture, etc. The focus of this particular post is to discuss the deployment considerations related to troubleshooting and analysis tools when deploying 802.11n wireless LANs.  

Packet Analysis 

One of the main troubleshooting & analysis tools for WLAN engineers is a wireless packet capture program. Personally, I use both OmniPeek Professional as well as the AirPcap device from CACE Technologies.  With wireless packet capture programs, it is important for you to ensure both the wireless NIC you are using and the software support 802.11n functionality.  Otherwise, 802.11n features such as channel bonding, frame aggregation, and block acknowledgement might not display properly (or show up in your display at all).  AirPcap sells a specific model for 802.11n, called their AirPcap Nx.  

Spectrum Analysis 

Another important troubleshooting tool for WLAN engineers is a Spectrum Analyzer.  I use both the AirMagnet Spectrum Analyzer and the Wi-Spy Spectrum Analyzer from MetaGeek.  If you read my rant (post) regarding 2.4 GHz vs. 5 GHz for 802.11n networks, hopefully you realize the increasing importance of the 5 GHz spectrum.  Therefore, I would suggest you utilize a dual band spectrum analyzer.   The only Wi-Spy product that is dual band is the Wi-Spy DBx.  

Another spectrum analyzer troubleshooting tool that I am curious to try is the AirMagnet Airmedic Product.  If anyone has used the Airmedic product, leave a comment letting me know your thoughts!  

Wireless IDS/IPS 

While most people think of wireless intrustion detection & intrusion detection as a security tool, they can also be used monitor and preserve the overall well being of the WLAN.   Therefore, it makes sense to deploy 802.11n capable sensors for security, troubleshooting, & analysis.  

Related Posts: 

Adventures in Capturing Wireless Packets

Just a quick FYI for those *true* WiFi packet analysis junkies out there – I installed OmniPeek Professional 5.1.4 on my HP 6910 laptop.  The software “works” with embedded Intel wireless NIC, but reports invalid data rates for 802.11n traffic.

The work around that I came too was to purchase a 3rd party, dual-band 802.11n USB adapter that has a supported API within the OmniPeek software.

I also have an AirPcap Nx device from CACE Technologies that I like *very* much – USB form factor that allows for wireless packet capture in Windows.  AirPcap integrates directly into Wireshark, which is nice since I “grew up” taking wireless captures in Lib PCAP format under Linux and looking at them in Ethereal.

Advertisements