Packet Analysis

Learning how to Troubleshoot WiFi


Now that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?

We wanted to put together a list of some of the resources that have helped us get started learning about the 802.11 world. We hope they’re helpful to you too!

Practical Packet Analysis

Chris Sanders’ book Practical Packet Analysis (3rd edition) is an excellent guide for all things packet-analysis. No matter where you’re starting your network analysis task, this is a great book to have.

In chapter 13, Chris goes into some detail on wireless traffic. Among his tips is an example of some wireless-specific columns that are very helpful to add to your profile. In CloudShark, you can do this by clicking the “Profile” button in the top-right and either dragging the columns you are looking for into the table headers or adding a custom column based on a display filter field name. Chris also gives a good overview of the different kinds of wireless traffic.

More Filters

Speaking of good columns, this post from Semfio Networks has a downloadable PDF of Wireshark display filters that will come in handy when looking at wireless traces. You can use these in CloudShark to make custom columns, or apply them as display filters to show or hide certain packets. Remember, CloudShark is 100% compatible with Wireshark display filters!

The Definitive Guide

You can’t get more definitive than 802.11 Wireless Networks: The Definitive Guide, Second Edition. This is the go-to book recommended all over the internet for everything you ever wanted to know about 802.11 (and probably then some!).

Additional Tools

There are a few additional tools that we regularly reach for when looking at wireless. Adrian Granados has written a few programs that are very helpful when we need to troubleshoot from the client’s perspective. Having packet capture in HiveManager NG gets the AP’s side of the story, but sometimes you need to also capture near the client.

Airtool is one of our first choices when needing to capture packets on our MacBook’s wireless interface. It’s a free tool that allows you to easily configure your capture channel and bandwidth. It has CloudShark integration built-in, so you can upload client-side packet captures right alongside the captures taken on the access point and compare traces side-by-side.

WiFi Explorer is another powerful tool that is great for surveying the wireless environment around you. The combination of these tools makes it easy to take a good capture from the client environment.

Blogs and other sites

In addition to the above resources, Aerohive’s blog has some excellent posts that will also help you get into wireless troubleshooting. How to Stay Educated about Wi-Fi is a great starting point that also links to several other sites and books.

Of course, when in doubt, we Google it! There are so many Wi-Fi professionals in the world, and the internet at large is a great place to look for help.

Do you have a favorite book, blog, or publication that you recommend for learning about WiFi? Send it to @cloudshark on Twitter and we’ll add your suggestions to the list!

