You are previewing premium content. | Clear Choice Test WLAN analyzers | ||||||||
|
||||||||
How we tested WLAN analyzers
We used a base platform of a HP ZV-5000 notebook (AMD Athlon 64 with 2GB dynamic RAM, 100GB internal drive and internal Broadcom Wi-Fi 802.11a/b/g chipset) running a freshly updated version of Windows XP SP2.
We used several access points, but principally an IPv6 Linux version of the Linksys WRT54G access point for testing purposes.
Several Wi-Fi cards were tested, but we principally used a Linksys WPC55AG Wi-Fi card (supports 802.11a/b/g). The HP notebook was connected by a Gigabit Ethernet connection to our internal network.
We used several other notebooks, including an HP DV9000, several Macintosh Powerbooks, and a Compaq Presario desktop with a Linksys 802.11a/b/g PCI network card to perform connectivity, monitoring and test attacks.
We simulated or used several attack profiles, run from a Macintosh Powerbook running Apple's AirPort Extreme card. We did a man-in-the-middle attack (MAC Spoof Attack), a Wi-Fi Protected Access (WPA) dictionary attack and an authentication flood attack (sends bogus MAC addresses).
The man-in-the-middle attack was correctly identified (except by the OptiView III), though the WPA dictionary attack and authentication flood attack were each seen differently by each analyzer; all triggered alarms.
All of the analyzers worked only on Windows XP SP2 (and not on Vista; Windows 2000 Professional wasn't tested, as it's no longer widely supported by Microsoft).
Network General's Sniffer Portable required use of Internet Explorer 6/7 (rather than Firefox or another browser) and had decided boundaries on memory and CPU speed, which it misidentified.
Read more about wireless & mobile in Network World's Wireless & Mobile section.
Most Read
Videos
Rss FeedLatest News
Rss Feed
-
Network World, Inc
The Connected Enterprise