Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Summary of Contents for Cace Technologies AirPcap Wireless Capture Adapters
- Page 1 Family of Wireless Capture Adapters User’s Guide...
- Page 2 Copyrights Copyright © 2007 CACE Technologies, LLC. All rights reserved. This document may not, in whole or part, be: copied; photocopied; reproduced; translated; reduced; or transferred to any electronic medium or machine-readable form without prior consent in writing from CACE Technologies, LLC.
-
Page 3: Table Of Contents
Contents The AirPcap Product Family...3 A Brief Introduction to 802.11 ...4 Terminology ...4 802.11 Standards ...4 Channels ...5 Types of Frames ...6 How AirPcap Adapters Operate ...7 Multiple Channel Capture (applies to USB adapters only) ...8 Configuring the Adapters: the AirPcap Control Panel ...9 Identifying the AirPcap Adapters ...9 Settings ...10 WEP Keys ...11... - Page 4 Figures Figure 1: The AirPcap Control Panel. Settings Tab...9 Figure 2: AirPcap N and Extension ChannelSetting... 10 Figure 3: The AirPcap Control Panel. Keys Tab..12 Figure 4: Multi-Channel Aggregator... 13 Figure 5: The Wireshark Adapters List... 14 Figure 6: The Wireshark Wireless Toolbar... 15 Figure 7: Wireless Settings Dialog in Wireshark...
-
Page 5: The Airpcap Product Family
Below we provide a feature matrix that gives a high- level overview of the feature sets of the adapters in the AirPcap Product Family. More detailed information regarding each the member of the AirPcap Product Family can be found on the CACE Technologies Website http://www.cacetech.com/. AirPcap Classic Captures Full 802.11 Frames... -
Page 6: Standards
The terms Wireless LAN or WLAN are used to indicate a wireless local area network, e.g. a network between two or more “stations” that uses radio frequencies instead of wires for the communication. All components that can “connect” to a WLAN are referred to as stations. Stations fall into one of two categories: access points or wireless clients. - Page 7 18, 24, 36, 48 and 54 Mbps. 802.11i, ratified in 2004, defines an enhanced security mechanism based on AES. 802.11n, expected to be ratified in 2009, is backward compatible with 802.11a, b, and g, and will operate at 2.4 GHz and optionally 5 GHz. It can potentially support data rates up to 600 Mbps.
- Page 8 interference and accommodate good wireless coverage using multiple BSSs. A BSS is formed by wireless clients “associating” themselves with a particular access point. Naturally, a wireless client will have to “discover” whether there is an access point within range and its corresponding channel.
- Page 9 The Control frames are used to improve the reliability characteristics of the link. The establishment of a BSS through the process of discovery and association is supported by the Management frames, including possible authentication steps in the process. It is beyond the scope of this brief introduction to describe the details of these frames and their usage in the 802.11 protocol.
- Page 10 section WEP Keys on page 11 and The Decryption Keys Management Dialog on page 18 for more information. This section applies to all members of the AirPcap Product family except AirPcap N. When listening on a single channel is not enough, multiple AirPcap adapters can be plugged in a PC and used at the same time to capture traffic simultaneously from different channels.
- Page 11 The AirPcap control panel (Figure 1) provides a convenient and intuitive way to configure the parameters of currently-connected AirPcap adapters. The changes made to an adapter using the AirPcap control panel will be reflected in all of the applications using that adapter. To start the AirPcap control panel, click on START→PROGRAMS→AirPcap→AirPcap Control Panel Select an Adapter from the...
- Page 12 The AirPcap N adapter The AirPcap N adapter Is Selected. Is Selected. Extension Channel Extension Channel Drop-down List for Drop-down List for AirPcap N AirPcap N The Basic Configuration box contains the following settings: • • • Figure 2: AirPcap N and Extension ChannelSetting Channel: The channels available in the Channel list box depend upon the selected adapter.
- Page 13 • • Note: AirPcap stores the configuration information on a per-adapter basis. This means that changing the configuration of an adapter does not affect the settings of any of the other adapters. The AirPcap driver is able to use a set of WEP keys to decrypt traffic that is WEP encrypted.
-
Page 14: Multiple Channel Capture (Applies To Usb Adapters Only)
consideration, since the driver uses the keys in the order they appear in this list. The currently configured keys are shown in the “Keys” list. It is possible to turn WEP decryption on and off at any time by using the “Enable WEP Decryption”... -
Page 15: Settings
the traffic from all the installed USB AirPcap adapters, as if it was coming from a single device (this feature does not include traffic from the AirPcap N adapter). List of Aggregated List of Aggregated Channels Channels Specific Settings for the Specific Settings for the Multi-Channel Aggregator Multi-Channel Aggregator... -
Page 16: The Wireless Toolbar
The user interface of Wireshark is completely integrated with AirPcap. This increases your productivity, and allows you to get the best from the network analyzer you are used to. Figure 5 shows the Wireshark Capture Interfaces dialog (Capture→Interfaces). The AirPcap Interfaces are easly identified by icon next to them. - Page 17 Channel offset for AirPcap N Channel offset for AirPcap N Change the adapter’s Change the adapter’s channel while it’s channel while it’s capturing capturing Tip: AirPcap User’s Guide When Wireshark starts, the active interface is the default one (Edit→Preferences→Capture→Default Interface). During Wireshark usage, the active interface is the last one used for packet capture.
-
Page 18: The Wireless Settings Dialog
The Wireless Settings Dialog (Figure 7) can be used to set the advanced parameters of an AirPcap adapter. The dialog can be accessed either from the Wireless Toolbar (Wireless Settings) or from the main menu (Capture→Options→Wireless Settings). Decryption mode: can be one of the following: •... -
Page 19: Figure 7: Wireless Settings Dialog In Wireshark
The parameters that can be configured are: • • • • • AirPcap User’s Guide Figure 7: Wireless Settings Dialog in Wireshark Channel: the channels are specified in terms of their center frequencies and the range of channels varies from adapter to adapter. Channel Offset: set to -1, 0, or +1 for AirPcap N. -
Page 20: Figure 8: Decryption Keys Management Dialog In Wireshark
This dialog window (shown in Figure 8) can be used to organize the keys that will be used to decrypt the wireless packets. It is possible to decrypt packets encrypted with WEP, WPA and WPA2. however, notice that: As explained in “The Wireless Toolbar” section, there are three possible decryption modes: None, Driver and Wireshark. - Page 21 WEP keys are array of bytes of arbitrary length expressed in hexadecimal. WPA and WPA2 keys can be of two types: The keys that you specify in this list are global. Every AirPcap adapter, included the Multi-Channel Aggregator, will use them. The Multi-Channel Aggregator has its own FCS Filter, Capture Type and option to Include 802.11 FCS in Frames.
- Page 22 There are several freeware and open-source tools that are compatible with AirPcap Tx and AirPcap Ex. Since these tools have not been developed by CACE Technologies, it is recommended that you visit their official websites for additional information. Using the AirPcap API, AirPcap Tx and Ex can inject any kind of frame, including control, management, and data frames.
- Page 23 The best sources of information about the Wireshark network analyzer are: • • • • If you are a developer, the best sources of information are: • • • AirPcap User’s Guide The documentation page on the Wireshark website, http://www.wireshark.org/docs/. From here you can download the User’s Guide, the man pages, and the developer’s manuals.
- Page 24 2312MHz to 2372 MHz in 5MHz steps. The 802.11b/g center frequencies and corresponding channel numbers are: (2412MHz, Channel 1) to (2472MHz, Channel 13), where the frequencies are incremented by 5MHz and the channel numbers by 1. There is an additional frequency for channel 14, namely, 2484MHz which is 12MHz beyond channel 13.
- Page 25 • • • AirPcap N supports a wide range of center frequencies. As usual, the channel bandwidth around each center frequency is 20MHz. The center frequencies supported by the Cardbus AirPcap N adapter are: • • • • • • AirPcap User’s Guide 4920MHz to 4995MHz in 5MHz increments.