CTS 125: 802.11 Frame Captures on Windows
Clear To Send: Wireless Network Engineering - A podcast by Rowell Dionicio and François Vergès - Mondays
 
   Categories:
We take a look at what resources are available to capture frames on Windows OS. 802.11 Frame Captures on Windows Back in episode 121, we spoke highly of Macbook Pros being perfect tools for wireless frame captures. But not everyone has a Macbook Pro. Even I still have a Windows laptop and need to do frame captures on that every once and a while. In this episode, we outline some of the resources we use for capturing frames on Windows OS. Both free and paid versions depending on how you're trying to capture frames and how quickly you're trying to accomplish the task. Budgets will vary widely with each resource so check for the most updated pricing online. Acrylic Wi-Fi Professional You can try out Acrylic Wi-Fi with a trial version free for 4 days. As of June 2018, a license is $39.95 one time fee (or $19.95 for 1 year). It has a built in 802.11 packet capture tool without requiring additional hardware. But it only captures beacon frames if your Wi-Fi NIC does not support monitor mode. The NDIS driver must be installed so your built in Wi-Fi NIC can be used in monitor mode. If you want, you can use an external adapter to perform the capture. Acrylic recommends the following: * D-Link DWA-182 Revision A1 * Netgear A6200 * Asus USB-AC53 * List of compatible Wi-Fi NICs By default, it will be channel hopping. So don’t forget to set the channel on which you want to scan. We strongly recommend using a Riverbed AirPcap card if you are going to do anything professional. Some of the packet capture features include: * Display the Packet Tree view including the details of the Radio Tap Header * Displays the Hex and Binary view of the packet * You can export the frames into a pcap file and analyze them with another tool (Wireshark) * Integration with Wireshark * 802.11ac not there with AirPcap Nx Other Features: * Wi-Fi Scanner * Show Retry Rate when set to monitor mode * Displays the SSID detected (including the hidden SSID) * Displays some beacon details * Script editor built-in * Reports * Inventory Links: * https://www.acrylicwifi.com/en/wlan-wifi-wireless-network-software-tools/wifi-analyzer-acrylic-professional/ * https://www.youtube.com/watch?v=buMJ9NDCsGA * https://www.acrylicwifi.com/en/blog/how-to-capture-wifi-traffic-using-wireshark-on-windows/ Microsoft Network Monitor This tool is free to use with your operating system. You can download the application from Microsoft and check out a full tutorial. You can find a Video Tutorial easily on YouTube.
