* The Reviewmeister checks out AiroPeek NX, a WLAN analyzer from WildPacket
Wireless LAN analyzers are rapidly evolving, so we tested the latest version of WildPacket’s notebook-based analyzer, AiroPeek NX, and its passive access point/probe, called RFGrabber. We found a few shortcomings, but overall the combination is a strong one.
We’ve seen two types of WLAN analyzers: those based on existing analyzers that have been extended for WLAN use; and those built or modified for the unique needs/applications that a WLAN network manager needs to be prepared for.
AiroPeek NX is a hybrid. WildPackets has a strong background in protocol analysis (with its EtherPeek product), and it also added wireless analysis that’s better than some products that we tested recently.
Although AiroPeek NX bears some resemblance to EtherPeek, the additions made for wireless analysis go further than some other protocol analyzer products we’ve tested. These additional features include extensive filtration for 802.11 packets and a link to an Expert analysis view of captured traffic that is useful and easy to understand.
The Expert mode analyzes conversations and checks for many characteristics of WLAN dysfunction. Like other WLAN analyzers tested, everything it sees is treated as a rogue until it is added to a list of trusted devices. Once a device is trusted, however, AiroPeek still compares various qualities of the devices, unless the devices are purposely filtered out of monitoring or packet capturing.
Packet decoding and conversational pairing are two strengths of AiroPeek NX. It was easy to filter and relate user transactions so they could be analyzed from user to resource and back again. Wired Equivalent Privacy (WEP) packet payload (data) must be decrypted outside the program. WildPackets provides an application that can decrypt the conversations, and is easily scripted to execute with various WEP keys. Packet-decode information also is available about WLAN traffic, such as the usual source/destination and packet-type information that non-encrypted packets have. Filters and triggers are available for many common program problems, such as SQL Server logon failures, and the presence of Yahoo Messenger traffic.
For the full report, go to https://www.nwfusion.com/reviews/2003/0818rev.html




