Practical Techniques for Analyzing Wi-Fi Traffic

Duration:

5 Days

Audience:

Employees of federal, state and local governments, and businesses working with the government.

Learn to capture and analyze suspicious data on wireless networks.

Wi-Fi/WLAN network analysis is a specialized subset of traditional network analysis and encompasses not only the skill of capturing data, but also the ability to discern unusual patterns hidden within seemingly normal network traffic. Through real-world examples and hands-on exercises, you will gain a set of analysis techniques focused on using vendor-neutral, open source tools in the following areas:

  • Wireless network analysis fundamentals
  • Wireless-focused network security principles, including encryption technologies and defensive configurations of network infrastructure devices
  • Recognition of a variety of issues that affect Wi-Fi/WLAN-based networks and the quality of the data
  • Open source wireless network analysis tools
  • Specialized wireless network analysis, including audio data traffic reconstruction and viewing techniques

You will receive:

  • Training binder with numerous baseline trace files
  • DVD with VoIP and networking tools
  • Library of Wireless Network Analysis reference documents

You are required to bring your own laptop.

What You’ll Learn

  • Principles of wireless network analysis and how to apply them
  • Key wireless-related protocols, including data, management, control, and related supporting protocol architectures
  • Analyze and evaluate latency, out-of-sequence packets, packet loss, and retransmissions and how the end user experiences them
  • Select and configure various open source tools for wireless analysis
  • Utilize tools to recognize traffic patterns associated with wireless network behavior
  • Recognize potential wireless network security infrastructure misconfigurations
  • Use AirPcap Ex 802.11 a/b/g WLAN adapters provided by Riverbed for real-world practice

Who Needs to Attend

Wireless network engineers and Ethernet network engineers with basic- to intermediate-level general networking knowledge looking to add wireless capabilities to an existing network

Prerequisites

  • Familiarity with TCP/IP networking, Wi-Fi fundamentals, and network infrastructure devices such as switches, routers, etc.

Course Outline

1. Wireless and RF Fundamentals

  • Overview of Wireless
    • Wireless Technology and Nomenclature
    • RF Propagation and Interference
    • Wireless Antennas
    • Power Measurements
  • Wireless Communication Architectures
    • Hardware
    • Service Sets
  • Data Collection
    • Wireless Capture Criteria
    • Capture Configurations and Locations

2. Wireless Core Technologies: IEEE 802.11 a/b/g/n

  • IEEE 802.11 Physical and MAC Layer
    • Physical Layer: PLCP
    • Spread Spectrum Technology
    • Collocation and Throughput Analysis
  • Wireless Data Transmission
    • IEEE 802.3 Ethernet vs. IEEE 802.11 Frame Formats
    • CSMA/CD vs. CSMA/CA
    • Data Transmission
  • Statistical Assessment of Wireless Networks
    • Assessment of Statistics: What is Good vs. What is Bad
    • Analysis of User and Background Traffic
    • Selecting Key Information for Statistical Evaluation
    • Using a Host Table as a VoIP Analysis Aid
  • Wireless Expert Network Analysis
    • Using Expert Systems to Evaluate Wireless Network Performance
    • Determining Which Conversations Have Problems: Analyzing Latency, Throughput, Excessive Packet Loss, and Retransmissions
    • Visual-Based Wireless Analysis
    • Optimizing an Expert System
  • Tracking Wireless Packet Flow
    • Diagramming and Interpreting a Conversation
    • Forensic Analysis of Packets
  • Wireless Site Survey and Network Optimization
    • WLAN Site Surveys
    • Integrating Wired and WLAN Technologies
    • Identifying Interference Sources
    • Maximizing Co-Location and System Throughput

3. Other Wireless Technologies: IEEE 802.15 / 16 / 20

  • SoHo Wireless Technologies
    • Home RF
    • IEEE 802.15 Bluetooth
    • Infrared I
    • IEEE 802.16 Zigbee
    • IEEE 802.20
  • Emerging Wireless Technologies and 3G/4G
    • PBCC
    • Future Technologies Entering the Workspace: 3G/4G

4. Wireless Forensics and Security Overview

  • Wireless Security Overview
    • WLAN Security Basics
    • Encryption
    • Protecting WLANs Against Attacks
    • Security Recommendations
  • Wireless Forensic Analysis
    • Forensic Reconstruction

Appendix 1: Wireless Network Analysis Reference Information

Appendix 2: Baseline Wireless Trace Files

Labs

Lab 1: Wireless Terminology

Lab 2: Configuring a Wireless Lab

Lab 3: Computing Decibels, Gains, and Losses

Lab 4: Wireless Hierarchy Relationships and Roaming

Lab 5: Wireless Data Capture

Lab 6: Tracking User Movement via Association

Lab 7: Fragmentation and Acknowledgements

Lab 8: Statistical Assessment of the Network

Lab 9: Wireless Analysis using Filters: WLAN Types

Lab 10: Show Me the Trouble and Visual Troubleshooting

Lab 11: Diagramming a Conversation

Lab 12: Interference and Spectrum Analysis Evaluation

Lab 13: Evaluating Bluetooth Interference Patterns

Lab 14: Analyzing WEP and WPA Encrypted Traffic

Lab 15: Detecting and Analyzing WLAN Intrusions

Lab 16: What Happened to My WLAN Network?