Posts Tagged ‘Wi-Fi’

Over-the-air wireless data frame capture

September 21, 2017

Patent analysis often involves investigating how a particular solution functions in order to determine the potential for use of a given patented claim, and sometimes this investigation entails analyzing wirelessly-communicated data.

In an earlier post I described how to capture IP packets sent to/from wireless devices by using a Windows OS computer as a wireless hotspot together with Wireshark, a packet capture and analysis software tool. While that technique works well for capturing and analyzing IP packets communicated between a wireless device on the wireless LAN (WLAN) and a remote server, that technique does not capture lower-level point-to-point MAC frames communicated between devices on the WLAN, such as between the hotspot computer and a wireless device or between two wireless devices connected to the WLAN.

Within a WLAN, devices do not need to leverage transport or network packets (e.g., TCP/IP) to communicate with one another since they are on a shared medium and so can use the data link instead. To capture the frames sent on the shared wireless medium, there is another process I can recommend. This process provides for capturing communicated frames, such as between a computer application and a smartphone on the WLAN. The guidance below presumes that you have permission to capture wireless frames transmitted over the wireless network.

  1. Fire up an unencrypted IEEE 802.11g wireless access point on a channel that is free or the least crowded. The “g” aspect is important, because newer protocols such as “n” and “ac” complicate capture due to variables like channel width and spatial streams. Having the access point be passcode-free and unencrypted is important as well because it allows for reading frames in the clear (presuming no other encryption is used for the transported data), though it is possible to use Wireshark to decrypt encrypted channels if you know the credentials — this is not covered herein.
  2. Boot Kali Linux on a computer. Kali is a Linux distribution with tools built in for performing penetration testing.
  3. Connect a wireless adapter that supports IEEE 802.11g along with “monitor mode.” An example is Panda’s PAU05 300Mbps Wireless 802.11n USB Adapter — I have found that this particular adapter works well. Some other monitor mode wireless adapters that may function well are listed here and here.
  4. Use Kali built-in tools like airmon-ng and airodump-ng to monitor Wi-Fi channels and capture data while your devices under test are communicating. This further article on passive Wi-Fi connection sniffing provides alternate, but similar, techniques in deep detail.
  5. Once you have captured the sequence of data you wish, discontinue the capture and open the resulting “PCAP” file in Wireshark, which is conveniently preloaded in the Kali Linux distribution, and analyze the data there.
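As an added example (not the author's code), here is a small Python parser for the kind of PCAP file that step 5 opens in Wireshark: it walks the records, decodes each frame's 802.11 frame control field and addresses, and reads the LLC/SNAP ethertype only when the Protected Frame bit is clear, which is exactly what the unencrypted access point in step 1 gives you. It goes a little beyond the post by handling both link types such captures commonly carry (raw 802.11 and radiotap); the sample capture it builds is constructed inline, not real traffic.

```python
# Added example (not from the original post): a minimal parser for the pcap files
# airodump-ng writes; the sample frames at the bottom are constructed, not captured.
import struct

LINKTYPE_IEEE802_11, LINKTYPE_RADIOTAP = 105, 127   # pcap link types
FRAME_TYPES = {0: "mgmt", 1: "ctrl", 2: "data"}
mac = lambda b: ":".join(f"{x:02x}" for x in b)

def parse_frame(buf, linktype):
    """Decode one 802.11 MAC header; LLC/SNAP is only read when the frame is in the clear."""
    if linktype == LINKTYPE_RADIOTAP:      # radiotap header length sits at bytes 2-3 (LE)
        buf = buf[struct.unpack_from("<H", buf, 2)[0]:]
    fc0, fc1 = buf[0], buf[1]              # frame control field
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    to_ds, from_ds, protected = bool(fc1 & 0x01), bool(fc1 & 0x02), bool(fc1 & 0x40)
    info = {"type": FRAME_TYPES.get(ftype, "reserved"), "subtype": subtype, "protected": protected,
            "addr1": mac(buf[4:10]), "addr2": mac(buf[10:16]), "addr3": mac(buf[16:22])}
    if ftype == 2:                         # data frame: find the start of the body
        hdr = 30 if (to_ds and from_ds) else 24    # addr4 is present only for WDS frames
        hdr += 2 if subtype & 0x8 else 0           # QoS data frames carry a QoS control field
        body = buf[hdr:]
        if not protected and body[:6] == b"\xaa\xaa\x03\x00\x00\x00":   # LLC/SNAP, RFC 1042
            info["ethertype"] = struct.unpack_from(">H", body, 6)[0]
            info["payload"] = body[8:]
    return info

def parse_pcap(data):
    # classic pcap: 24-byte global header (magic 0xA1B2C3D4), then 16-byte record headers
    end = "<" if struct.unpack_from("<I", data, 0)[0] == 0xA1B2C3D4 else ">"
    linktype = struct.unpack_from(end + "I", data, 20)[0]
    frames, off = [], 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from(end + "IIII", data, off)[2]
        frames.append(parse_frame(data[off + 16:off + 16 + incl_len], linktype))
        off += 16 + incl_len
    return frames

def build_sample_pcap():
    # constructed capture: a beacon, a cleartext IPv4 data frame and a CCMP-protected one
    def hdr(fc0, fc1):                     # 24-byte MAC header with made-up addresses
        return bytes([fc0, fc1, 0, 0]) + bytes.fromhex("aabbccddeeff001122334455c0ffee000001") + b"\x00\x00"
    beacon = hdr(0x80, 0x00) + b"\x00" * 12                       # type 0, subtype 8
    clear = hdr(0x08, 0x02) + bytes.fromhex("aaaa030000000800") + b"\x45\x00\x00\x14"
    ccmp = hdr(0x08, 0x42) + bytes.fromhex("0102030405060708")    # Protected Frame bit set
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_IEEE802_11)
    for f in (beacon, clear, ccmp):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

Point `parse_pcap` at the bytes of a real airodump-ng capture to get the same per-frame dictionaries; a frame with `protected` set will show no ethertype, which is the quick tell that the channel was encrypted after all.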

Obviously much more could be written about each of the tools and protocols above, and indeed, books have been written about each. However, here you have a short list of high-level steps to perform for passive Wi-Fi data sniffing, along with a complete set of the hardware and software you will need.

A potential topic for future discussion is packet capture in a wired network, such as via Ethernet.


Standards Sources

October 9, 2013

I spend a fair amount of my time reviewing wireless air interface and data communications inventions, and so I often need to reference appropriate related standards and specification documents. Below is a very partial list of wireless and general data communications standards and specifications along with their associated website links. I hope you find these references helpful and that they hasten your standards document searches.

LTE (and LTE-Advanced) air interface (E-UTRA): published by 3GPP: http://www.3gpp.org/ftp/Specs/html-info/36-series.htm

UMTS/HSPA air interface (UTRA): published by 3GPP: http://www.3gpp.org/ftp/Specs/html-info/25-series.htm

Wi-Fi (802.11): published by IEEE:

Bluetooth: published by Bluetooth Special Interest Group: https://www.bluetooth.org/Technical/Specifications/adopted.htm

Near Field Communication (NFC): published by NFC Forum: http://www.nfc-forum.org/specs/

WiMAX (802.16): published by IEEE: http://standards.ieee.org/about/get/802/802.16.html

CDMA2000 (incl. EV-DO, etc.): published by 3GPP2: http://www.3gpp2.org/public_html/specs/

Internet communications (e.g., HTTP, SIP, DNS, etc.): published by Internet Engineering Task Force (IETF): http://www.ietf.org/rfc.html

Web application technologies (e.g., HTML, CSS, XML, SOAP, DOM, etc.): published by World Wide Web Consortium (W3C): http://www.w3.org/standards/

SIM/USIM: published by 3GPP: http://www.3gpp.org/ftp/Specs/html-info/31-series.htm

Mobile device APIs (e.g., device management, M2M, etc.): published by Open Mobile Alliance (OMA): http://technical.openmobilealliance.org/Technical/current_releases.aspx