Troubleshooting WLANs (Part 1)

SharkFest '17 Europe
Troubleshooting WLANs (Part 1): Layer 1 & 2 Analysis Using AirPcap, Wi-Spy & Other Tools
8 November 2017
Rolf Leutert, Leutert NetServices, Switzerland
www.netsniffing.ch
#sf17eu, Estoril, Portugal, 7-10 November 2017

Introduction
Rolf Leutert, El. Ing. HTL
Leutert NetServices, Zürich-Airport, Switzerland
- Network Analysis & Troubleshooting
- Protocol Trainings: TCP/IP, WLAN, VoIP, IPv6
- Wireshark Certified Network Analyst 2010
- Wireshark Instructor since 2006
- Sniffer certified Instructor since 1990
leutert@netsniffing.ch
www.netsniffing.ch

Session Objectives
- Learn what you can see on WLAN layer 1 and layer 2
- Learn which tools can help you find WLAN problems
- Learn which tool supports which layer
- Learn how to use Radiotap and PPI header information
- Learn how to customize Wireshark to show you specific WLAN information
Troubleshooting wireless networks is a demanding task and requires a detailed understanding of important functions on layers 1 and 2!

Troubleshooting WLANs comprises Layer 1 and Layer 2

Layer 1 - Physical Access
- FH, DSSS, OFDM, coding, modulation, bands, channels, frequencies, noise, signal strength, interference etc.
- Clients: WiFi and non-WiFi devices like surveillance cameras, remote controls, microwaves, health gadgets etc.
- Tools: Spectrum analyser (e.g. Wi-Spy)

Layer 2 - Data Link Control
- WiFi standards 802.11 a/b/g/n/ac: framing, management, access control, security, encryption etc.
- Clients: WiFi compatible devices only
- Tools: Wireshark, AirPcap, scanners

WLAN Layer 1 Analysis
- WLAN (WiFi) devices work in the 2.4 GHz ISM* and 5 GHz UNII** bands
- But both bands are free for any use, by WiFi as well as non-WiFi devices
- The 2.4 GHz band especially is often crowded with non-WiFi devices
- The only restriction is the max. radiated power according to country regulations
- Non-WiFi clients use any kind of modulation and may interfere with WiFi
- Layer 2 tools like Wireshark cannot detect non-WiFi devices
- Spectrum analyzers scan the bands and show the shape and strength of all signals
The Wi-Spy DBx spectrum scanner and Chanalyzer software display and record all layer 1 signals in both the 2.4 GHz and 5 GHz bands. www.metageek.com
* ISM: Industrial, Scientific and Medical
** UNII: Unlicensed National Information Infrastructure

WLAN Layer 1 Analysis
Non-WiFi device signatures:
- Home trainers in a fitness center
- Microwave oven
- Remote control of model airplanes
- Wireless guitar

Live Demo: Wi-Spy & Chanalyzer
WiFi 802.11ac with four bonded channels

Live Demo: Wi-Spy & Chanalyzer
Live demonstration of Wi-Spy & Chanalyzer

WLAN Layer 1 Analysis (Case one)
- Large logistics enterprise, depending on WLAN for day-to-day operations
- Two container cranes to load/unload trains require WLAN connections

WLAN Layer 1 Analysis (Case one)
- Users complain about log-in timeouts and disconnections during operations
- Crane #2 is hardly usable due to an unreliable WLAN connection
- Tech support has already changed WiFi channels and added an additional AP

WLAN Layer 1 Analysis (Case one)
- Starting with layer 2 analysis near crane #2 in channels 1, 6, and 11
- Wireshark shows up to 70% of frames with bad FCS or the Retry flag set

WLAN Layer 1 Analysis (Case one)
- Continuing with layer 1 analysis near crane #2 in the 2.4 GHz band
- Strong interference from non-WiFi signals detected on all three channels
- Signal source is outside of the customer's campus
- Swiss radio authority informed
- If this transmitting power is within legal limits: change to 5 GHz band required

WLAN Layer 1 Analysis (Case one)
- Swiss radio authority (BAKOM) scanned the 2.4 GHz band with their own tool
- Strong interfering signal caused by a defective railway induction loop
[Figures: BAKOM scan result; traffic monitoring induction loop]

WiFi Scanners
- WiFi scanners show you available access points with lots of information like SSID, channel no., channel width, max. rate, security mode etc.
- Some tools are able to perform throughput simulations
- No adapter required, WiFi scanners use the internal WLAN cards

WiFi Scanners (just a few popular ones)
- Acrylic WiFi scanner: www.acrylicwifi.com
- Ekahau HeatMapper: www.ekahau.com
- inSSIDer: www.metageek.com
- NetStumbler: www.netstumbler.com
- Wifi Analyzer (Android): play.google.com
- WifiInfoView: www.nirsoft.net
- WifiScanner: wifiscanner.sourceforge.net
- Wifi Scanner: www.apple.com/osx/apps/app-store
Remark: Apple iOS (iPhone/iPad) has locked direct access to the WiFi interface for stability and other unknown reasons. A jailbreak is required to install and run WiFi scanner apps on these devices.

WiFi Scanners
All these tools have the following limitations in common:
- Scanning on layer 2, therefore only WiFi devices can be detected
- Non-802.11 sources like surveillance cameras etc. are invisible
- WiFi scanners read data from Beacon and other management frames
- WiFi scanners will not provide any information if Beacon frames suffer interference from non-802.11 devices on layer 1!

WLAN Layer 2 Analysis
[Diagram labels: Windows applications (Browser, Mail, Office); Protocol driver: TCP/IP; NIC driver; WLAN (NIC); Wireshark; Capture driver: AirPcap USB driver; USB; AirPcap Adapter 1, AirPcap Adapter 2, AirPcap Adapter 3]
Frequently asked questions:
- Can I use my built-in WLAN NIC with Wireshark? Only your own traffic and no management and control frames will be captured.
- Why would I need multiple AirPcaps? To capture roaming processes.
- Can I use AirPcaps to join a WLAN? No, AirPcaps are monitoring devices only.
- Can I decrypt data with an AirPcap adapter? Yes, if shared keys are used, the key is available and the key negotiation is captured.
Mac OS X and some Linux drivers also support WLAN monitoring: http://linuxwireless.org/en/users/drivers

WLAN Layer 2 Analysis
- Capturing with the built-in WLAN NIC may display faked Ethernet frames only
- Only Data frames and no Radio or WLAN header will be seen

WLAN Layer 2 Analysis with AirPcap
1. Turn on Wireless Toolbar
2. Click on AirPcap Control Panel
3. Configure AirPcap Settings

WLAN Layer 2 Analysis with AirPcap
- You may have to start Wireshark in Admin Mode to see the AirPcap interfaces
- Verify the settings on the Capture Interfaces pane
1. Select Virtual Adapter
2. Press to Start Capturing

WLAN Layer 2 Analysis with AirPcap
Key features:
- Radio cells use one or multiple 20 MHz channels (n/ac) to increase throughput
- Each radio cell is a shared medium and is controlled by an Access Point (AP)
- A mobile client can be associated with only one AP at a time
- Radio cell access is controlled by management and control frames
- Wireshark with AirPcap can capture and analyze these frames
- Understanding these frames is crucial for WLAN troubleshooting
The AirPcap Nx 802.11a/b/g/n USB adapter works with Wireshark and captures Wi-Fi packets in both the 2.4 GHz and 5 GHz bands. www.riverbed.com/products/

Exclusive Product Announcement
Softing IT Networks introduces new multi-channel Wireless Analyzer
- Includes 4 wireless adapters with 16 integrated antennas
- Supports 4x4 MIMO up to IEEE 802.11ac Wave 2, up to 800 Mbps
- USB-C type connector for data and unit power
- 2.4 GHz or 5 GHz version available
- Notebook with Linux OS (Ubuntu)
- Creates .pcapng files incl. Radiotap
- Price target: below EUR 2 000
- Availability: planned for 1st quarter 2018
Planned features:
- 4 channel bonding (up to 1730 Mbps)
- Dual band support (2.4 and 5 GHz)
- Optional integrated battery
- Supporting most Linux distributions and Mac OS
Multi-Channel WLAN Analyzer, joint development of: Softing IT Networks GmbH, 85540 Haar, Germany, and GHMT AG, 66450 Bexbach, Germany

Exclusive Product Announcement
* AirPcap Nx supports Legacy, HT20 or HT40 mode (no SGI & Greenfield mode)
Softing WLAN Analyzer will support up to 4 channels per WLAN adapter

Exclusive Product Announcement
Softing WLAN Analyzer configuration menu including Longterm Monitoring feature:
- Uses Dumpcap to write packets directly to a file without starting Wireshark
- Creates an individual pcapng file per WLAN adapter, a new one every 5 minutes
- Packet size (Snaplen) is set to 500 bytes

Exclusive Product Announcement
Simultaneous capturing in channels 36, 40, 44 & 48

Exclusive Product Announcement
Live demonstration of the Softing WLAN analyzer

The AirPcap Radiotap and PPI pseudo-header
[Diagram: Radiotap or PPI header layout: Revision | Pad | Length | Present Flags | Data Fields | Data Fields]
Radiotap and the newer PPI (Per Packet Information) are so-called pseudo-headers because they are not transmitted with the frame. They are added by the driver during reception and contain additional radio information about the frame.
- Receive signal strength, bit rate, channel number and other fields are added
- These fields can be added as columns in Wireshark and support troubleshooting
- Some other drivers (e.g. Mac OS X) may also add these headers
More detailed information:
Radiotap: http://www.radiotap.org/radiotap
PPI manual: http://www.cacetech.com/documents/ppi_header_format_1.0.1.pdf

The AirPcap Radiotap and PPI pseudo-header
[Figures: Radiotap pseudo-header added by AirPcap Classic; PPI pseudo-header added by AirPcap NX]
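The Radiotap layout above (revision, pad, length, present flags, data fields) can be decoded by hand, which also yields the figure used in case one: the share of frames with a bad FCS or the Retry flag set. The following Python sketch is an added example, not part of the original slides; the field table covers only Radiotap present bits 0 to 6, and the sample records are constructed rather than captured.

```python
import struct

# Radiotap fields for present bits 0-6: (name, size, alignment, struct format)
FIELDS = [("tsft", 8, 8, "<Q"), ("flags", 1, 1, "<B"), ("rate", 1, 1, "<B"),
          ("channel", 4, 2, "<HH"), ("fhss", 2, 2, "<H"),
          ("dbm_signal", 1, 1, "<b"), ("dbm_noise", 1, 1, "<b")]
FLAG_BAD_FCS = 0x40  # Radiotap Flags bit: frame failed the FCS check
FC_RETRY = 0x08      # second Frame Control byte of the 802.11 header: Retry

def parse_frame(pkt):
    """Decode the Radiotap pseudo-header of one record plus the 802.11 Retry bit."""
    if len(pkt) < 8 or pkt[0] != 0:
        raise ValueError("not a Radiotap header")
    length, present = struct.unpack_from("<HI", pkt, 2)
    if not 8 <= length <= len(pkt):
        raise ValueError("bad Radiotap length")
    offset, word = 8, present
    while word & 0x80000000:  # bit 31 set: another present word follows
        if offset + 4 > length:
            raise ValueError("truncated present bitmap")
        (word,) = struct.unpack_from("<I", pkt, offset)
        offset += 4
    raw = {}
    for bit, (name, size, align, fmt) in enumerate(FIELDS):
        if present & (1 << bit):
            offset = (offset + align - 1) & ~(align - 1)  # natural alignment
            if offset + size > length:
                raise ValueError("truncated Radiotap field")
            raw[name] = struct.unpack_from(fmt, pkt, offset)
            offset += size
    dot11, flags = pkt[length:], raw.get("flags", (0,))[0]  # 802.11 frame follows
    return {"freq_mhz": raw.get("channel", (None,))[0],
            "signal_dbm": raw.get("dbm_signal", (None,))[0],
            "rate_500kbps": raw.get("rate", (None,))[0],
            "bad_fcs": bool(flags & FLAG_BAD_FCS),
            "retry": len(dot11) >= 2 and bool(dot11[1] & FC_RETRY)}

def troubled_share(frames):
    """Percentage of frames with a bad FCS or the Retry flag set."""
    hits = sum(1 for f in map(parse_frame, frames) if f["bad_fcs"] or f["retry"])
    return 100.0 * hits / len(frames) if frames else 0.0

def sample(flags, rate, freq, dbm, fc1):
    """Constructed record: Radiotap (Flags, Rate, Channel, Signal) + data header."""
    rt = struct.pack("<BBHIBBHHb", 0, 0, 15, 0x2E, flags, rate, freq, 0x00A0, dbm)
    return rt + bytes([0x08, fc1]) + bytes(22)

SAMPLES = [sample(0x00, 22, 2412, -48, 0x00), sample(0x40, 22, 2437, -71, 0x00),
           sample(0x00, 4, 2462, -69, 0x08), sample(0x40, 2, 2437, -80, 0x08),
           sample(0x00, 108, 2412, -50, 0x00)]
```

Calling troubled_share(SAMPLES) gives the same kind of percentage as the bad FCS / Retry observation in case one, here over five constructed frames on channels 1, 6 and 11.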

Customize Wireshark for WLAN analysis
- Create a Wireshark profile for WLAN settings
- Add columns with radio information values from the PPI header
- Add specific Quick Filter buttons with management & control frames
[Screenshot callouts: Add Quick Filter buttons; Use these fields to Apply as Column]

Customize Wireshark for WLAN analysis
To add different channel colors, select View > Coloring Rules

WLAN Layer 2 Analysis using 802.11 Mgmt. & Control frames
802.11 Frame Types Overview

Management Frames:
- Beacon
- Probe Request & Response
- Authentication & Deauthentication
- Association & Disassociation
- Reassociation Request & Response
- Action

Control Frames:
- Request to Send (RTS)
- Clear to Send (CTS)
- Acknowledge
- Block Acknowledge Request / Block Acknowledge
- Power Save Poll

Data Frames:
- Data
- Null Function

SharkFest '17 Europe
That's it for part 1, hope to see you back for: Troubleshooting WLANs (Part 2)
Hot News: Including KRACK!!!
#sf17eu, Estoril, Portugal, 7-10 November 2017