Cace Technologies AirPcap User Manual

Manual is about: Family of Wireless Capture Adapters

Summary of AirPcap

  • Page 1

    Family of wireless capture adapters user’s guide.

  • Page 2

    Copyrights copyright © 2007 cace technologies, llc. All rights reserved. This document may not, in whole or part, be: copied; photocopied; reproduced; translated; reduced; or transferred to any electronic medium or machine-readable form without prior consent in writing from cace technologies, llc. A...

  • Page 3

    I contents and figures contents the airpcap product family ........................................................................3 a brief introduction to 802.11 .....................................................................4 terminology ........................................................

  • Page 4

    Ii airpcap user’s guide figures figure 1: the airpcap control panel. Settings tab.....................................9 figure 2: airpcap n and extension channelsetting................................. 10 figure 3: the airpcap control panel. Keys tab. ..................................... 12 figure ...

  • Page 5

    3 the airpcap product family the airpcap offerings are the first open, affordable and easy-to-deploy packet capture solution for windows. All of the airpcap offerings will capture full 802.11 data, management, and control frames that can be viewed in wireshark thereby providing in-depth protocol dis...

  • Page 6

    4 airpcap user’s guide a brief introduction to 802.11 terminology the terms wireless lan or wlan are used to indicate a wireless local area network, e.G. A network between two or more “stations” that uses radio frequencies instead of wires for the communication. All components that can “connect” to ...

  • Page 7

    Airpcap user’s guide 5 18, 24, 36, 48 and 54 mbps. 802.11i , ratified in 2004, defines an enhanced security mechanism based on aes. 802.11n , expected to be ratified in 2009, is backward compatible with 802.11a, b, and g, and will operate at 2.4 ghz and optionally 5 ghz. It can potentially support d...

  • Page 8

    6 airpcap user’s guide interference and accommodate good wireless coverage using multiple bsss. A bss is formed by wireless clients “associating” themselves with a particular access point. Naturally, a wireless client will have to “discover” whether there is an access point within range and its corr...

  • Page 9

    Airpcap user’s guide 7 the control frames are used to improve the reliability characteristics of the link. The establishment of a bss through the process of discovery and association is supported by the management frames, including possible authentication steps in the process. It is beyond the scope...

  • Page 10

    8 airpcap user’s guide section wep keys on page 11 and the decryption keys management dialog on page 18 for more information. Multiple channel capture (applies to usb adapters only) this section applies to all members of the airpcap product family except airpcap n . When listening on a single channe...

  • Page 11

    Airpcap user’s guide 9 configuring the adapters: the airpcap control panel the airpcap control panel (figure 1) provides a convenient and intuitive way to configure the parameters of currently-connected airpcap adapters. The changes made to an adapter using the airpcap control panel will be reflecte...

  • Page 12

    10 airpcap user’s guide settings the airpcap n adapter is selected. Extension channel drop-down list for airpcap n the airpcap n adapter is selected. Extension channel drop-down list for airpcap n figure 2: airpcap n and extension channelsetting the basic configuration box contains the following set...

  • Page 13

    Airpcap user’s guide 11 specification). Ppi and radio information includes additional information not contained in the 802.11 frame: transmit rate, signal power, signal quality, channel, and (for ppi) multiple antenna information. • include 802.11 fcs in frames: if checked the captured frames will i...

  • Page 14

    12 airpcap user’s guide consideration, since the driver uses the keys in the order they appear in this list. The currently configured keys are shown in the “keys” list. It is possible to turn wep decryption on and off at any time by using the “enable wep decryption” check box. Figure 3: the airpcap ...

  • Page 15

    Airpcap user’s guide 13 the traffic from all the installed usb airpcap adapters, as if it was coming from a single device (this feature does not include traffic from the airpcap n adapter). Specific settings for the multi-channel aggregator list of aggregated channels the aggregator uses the global ...

  • Page 16

    14 airpcap user’s guide airpcap and wireshark the user interface of wireshark is completely integrated with airpcap. This increases your productivity, and allows you to get the best from the network analyzer you are used to. Identifying the airpcap adapters in wireshark figure 5 shows the wireshark ...

  • Page 17

    Airpcap user’s guide 15 when wireshark starts, the active interface is the default one (edit→preferences→capture→default interface). During wireshark usage, the active interface is the last one used for packet capture. Change the adapter’s channel while it’s capturing set the adapter to capture or d...

  • Page 18

    16 airpcap user’s guide • decryption mode: can be one of the following: o none: no decryption is performed, neither at the driver level nor in wireshark. O wireshark: the driver doesn’t perform any decryption of the captured packets, and they are decrypted by wireshark while displaying them. This ha...

  • Page 19

    Airpcap user’s guide 17 figure 7: wireless settings dialog in wireshark the parameters that can be configured are: • channel: the channels are specified in terms of their center frequencies and the range of channels varies from adapter to adapter. • channel offset: set to -1, 0, or +1 for airpcap n....

  • Page 20

    18 airpcap user’s guide the decryption keys management dialog this dialog window (shown in figure 8) can be used to organize the keys that will be used to decrypt the wireless packets. It is possible to decrypt packets encrypted with wep, wpa and wpa2. However, notice that: • in order to decrypt wpa...

  • Page 21

    Airpcap user’s guide 19 wep keys are array of bytes of arbitrary length expressed in hexadecimal. Wpa and wpa2 keys can be of two types: • passphrase (wpa-pwd): this is the passprase and ssid combination most often used to configure wpa and wpa2. The passphrase is a string between 8 and 63 character...

  • Page 22

    20 airpcap user’s guide transmit raw 802.11 frames on your network for advanced users, airpcap tx and airpcap ex have the ability to inject raw 802.11 frames into your wireless network which makes them an invaluable aid in assessing the security of your wireless network. There are several freeware a...

  • Page 23

    Airpcap user’s guide 21 where to learn more the best sources of information about the wireshark network analyzer are: • the documentation page on the wireshark website, http://www.Wireshark.Org/docs/ . From here you can download the user’s guide, the man pages, and the developer’s manuals. • the wir...

  • Page 24

    22 airpcap user’s guide appendix a: 802.11 frequencies 2.4ghz band 2312mhz to 2372 mhz in 5mhz steps. The 802.11b/g center frequencies and corresponding channel numbers are: (2412mhz, channel 1) to (2472mhz, channel 13), where the frequencies are incremented by 5mhz and the channel numbers by 1. The...

  • Page 25

    Airpcap user’s guide 23 • 4920mhz to 4995mhz in 5mhz increments. These correspond to a channels 240 to 255. • 5000mhz to 5995mhz in 5mhz increments. These correspond to a channels 0 to 199 • 6000mhz to 6100mhz in 5 mhz increments airpcap n airpcap n supports a wide range of center frequencies. As us...