Software tools for testing Wi-Fi can run on a laptop, but dedicated hardware tools offer the convenience of a sometimes less cumbersome form-factor that are compact enough to fit in the pouch of a laptop bag.\nThis article looks at five of these devices: AirCheck G2 Wireless Tester (NETSCOUT), Cape Networks Sensor, EyeQ Wi-Fi Monitor (7SIGNAL), NetBeez Wi-Fi Monitor and WiFi Pineapple Tetra.\n\nThe AirCheck G2 Wireless Tester is a tool that would be useful for any network pro that deals with Wi-Fi installs or troubleshooting regularly and prefers not to toot along their laptop to get measurements. It\u2019s a solid custom-made Wi-Fi stumbler and analyzer with a simple ethernet tester built-in.\nThe WiFi Pineapple Tetra is a one-of-a-kind penetration or ethical hacking tool for wireless-based attacks. It\u2019s certainly for those pen testers out there, but can also be great for those that just like to geek out or get some hands-on Wi-Fi security experience.\nThe three Wi-Fi sensor solutions we reviewed all have their own pros and cons:\nThe Cape Networks solution has the best GUI and sports some good advanced functionality, but requires that you purchase and deploy their hardware sensor, of which there is currently only one model offered.\nThe EyeQ platform offers two different hardware sensors and also allows you to deploy sensor software onto your existing computers and mobile devices, but it\u2019s lacking when it comes to the GUI and advanced functionality.\nThe NetBeez solution also allows both hardware and software based sensor deployment with some great advanced functionality, and even supports wired monitoring. But their hardware has more of a home-made look and feel and software deployment is limited to GNU\/Linux machines and devices.\nAirCheck G2 Wireless Tester\nThe AirCheck G2 Wireless Tester is a handheld Wi-Fi stumbler, troubleshooting and performance testing tool by NETSCOUT. Although the tester is available a la carte, they sent the kit (model number AIRCHECK-G2-TA-KT), which adds an external directional antenna for better assistance in locating Wi-Fi devices and a test accessory that plugs into the wired network to act as iPerf server for performance testing over the Wi-Fi. The kit sells for $3,095 on Amazon.\n\nAirCheck G2 Wireless Tester has a rugged plastic case,\u00a0measuring about 8 inches high, 3 1\/2 inches wide, and 2 inches deep. On the left side, you\u2019ll find an Ethernet port for running tests on wired connections. On the right side, you\u2019ll find two USB ports for optionally connecting flash drives to save\/transfer the captured data. There\u2019s also one micro-USB port for connecting the unit to a computer to utilize the AirCheck G2 Manager software to configure profiles and view or export reports of the saved data. Also on the right of the unit is an RP-SMA connector for connecting external antennas. The unit also comes with a custom protective carrying case, which provides a convenient strap on the back to secure in your hand and a spot to slide in the external antenna when needed.\nWe reviewed the AirCheck G2 Wireless Tester with the hardware version 2 and software version 184.108.40.2065. On the main screen, you\u2019ll find shortcuts to the main tools:\nNetworks: Groups APs by the same SSID and gives the channel, signal in negative dBm, and SNR values for the closest AP. You can tap on a network to view further details, including a list of all APs with that same SSID, the exact noise level in negative dBm, and the number and listing of clients connected. Although the unit does detect signals that have SSID broadcasting disabled, it unfortunately doesn\u2019t reveal the actual SSID.\n Eric Geier\n\nThe Networks screen shows the different networks and their basic details; you can tap one to view further details.\n\n\nChannels: Displays channel utilization and overlap graphs for 2.4 and 5GHz bands. The graphs are useful, but we didn\u2019t like being forced to turn the unit in landscape orientation to view the overlap graphs.\n\nAccess Points: Lists similar details as the Networks screen, but shows all SSIDs (listed by the MAC addresses) individually instead of grouping same SSIDs as a Network.\nClients: Lists all detected Wi-Fi devices with their details, including their signal level, channel and connected AP. Tapping on a client displays further wireless details.\nInterferers: Lists any non-Wi-Fi device that\u2019s causing interference in the 2.4 or 5GHz bands.\nAutoTest: Runs automated air quality tests and looks for rogue access points. As it states before performing the test, it refreshes the captured data when you do this, so you must save your session beforehand if you want to save the prior captured data. Of course, it would be nice if you didn\u2019t have to worry about this.\n Eric Geier\n\nResults of an AutoTest, which gives you feedback on a few utilization and interference parameters.\n\n\nEthernet Test: Runs a test on any Ethernet connection you have plugged into the unit. It looks for PoE ability, link data rate, switch port and VLAN details, IP via DHCP, default gateway, and a successful ping to Google (or other IP you have preconfigured).\nIf you connect to a network via the Network or Access Point tool, it performs an automated set of tests, similar to the Ethernet Test. On the results screen, you can also access the roaming and iPerf test tools. The iPerf tests can be performed against the Test Accessory when plugged into the network or against another iPerf server you setup on the network.\n Eric Geier\n\nResults of a wireless connection test, shown after connecting to a network.\n\n\nThe AirCheck G2 Wireless Tester supports the Link-Live Cloud Service. Once you setup a free account and claim the unit, the results of wireless and wired connection tests are automatically emailed to you and uploaded to the cloud service. This can be convenient, but the other captured data (like the network, access point, and client lists and iPerf tests) isn\u2019t supported.\n Eric Geier\n\nViewing the wireless and wired test results via the cloud service.\n\n\nHowever, NETSCOUT does provide the Windows-based AirCheck G2 Manager software that can get all the captured data and screenshots, and also generate reports, configured profiles and manage the device.\n Eric Geier\n\nThe AirCheck G2 Manager software allows you to view saved data from the unit.\n\n\nOverall, the AirCheck G2 Wireless Tester is a solid Wi-Fi testing tool, although the price is a bit steep. It has a user-friendly and intuitive GUI. Good sorting and filtering is provided for most of the data. On most screens, you can tap the question mark to see a description of the data or settings you\u2019re currently viewing. The only times we referred to the PDF documentation was for how to perform the iPerf throughput tests with the Test Accessory and how to save screenshots. The iPerf test tool is buried on the wireless connection screen that you only see after connecting to a network. Saving screenshots turned out to be an easy long tap on the question mark icon.\nCape Networks Sensor\nThe Cape Networks Sensor is an access point looking sensor that you can deploy multiples of throughout a Wi-Fi network for remote monitoring and troubleshooting via their free cloud-based dashboard. Currently, there\u2019s only one type of sensor offered by Cape Networks, and it\u2019s pricing isn\u2019t publicly disclosed.\n\nThe sensor unit is cased in a while plastic covering with exposed black vents around the sides. The unit measures about 6 inch square and 1.6 inches high. \u00a0Along with the sensor unit, you receive mounting hardware, a power supply in case you don\u2019t have PoE, and a quick start guide with tips and tricks on mounting and deploying the sensors.\nThe first time you login to the cloud GUI, you accept their EULA, ensure the sensor(s) are detected, configure the SSID to connect to and add additional users. After that, you\u2019re greeted with a very simple dashboard with five different monitoring categories with with statuses that are green when all good and red when issues are detected:\n Eric Geier\n\nThe Cape Networks Dashboard when there\u2019s an issue detected.\n\n\nExperience:\u00a0Represents the overall user experience, so will likely be red if any issues are detected. Under this category, all the sensors are listed.\nWi-Fi:\u00a0Wi-Fi connectivity and quality based off of thresholds, for instance the default bitrate warning is 20 Mbps or less and the error alert is 6 Mbps or less.\nNetwork:\u00a0DHCP and DNS availability and response times based off of thresholds. For instancethe default high DHCP response warning is 5 seconds or more and error alert is 10 seconds or more.\nInternal:\u00a0Any TCP\/UDP servers or devices, such as captive portals or printers on the local network that you manually add via port or ICMP ping monitoring. Availability, latency, packet loss, and (optionally) jitter are monitored. Alerts are based off of thresholds as well. For instance, the default high-latency warning is 500 ms or more and error alert is 1000 ms or more.\nExternal:\u00a0Similar monitoring capabilities, parameters and thresholds as Internal, but these are for services and devices outside the sensor\u2019s local LAN. There are a couple of external sites that are monitored by default and a couple more that are pre-configured but not enabled. You can manually add other sites as well.\nHovering over each monitoring category displays more info. Clicking a device, network, or service will bring up its page with more info, including graphs for the monitoring parameters. You can conveniently hover over the time-lapsed graphs to see the date\/time and even select a certain range to zoom into so you can analyze a certain date\/time better. However, you can\u2019t easily export the graphs.\nUnder the Experience category, you can click on each sensor to view further details. Here we found some neat features. You can view a list of all SSIDs detected by the sensor, which comes in handy when analyzing channel usage. You can retrieve a packet capture (PCAP) file for advanced analysis. You can also generate a report, but is just a raw dump of the collected data. It would be better if the report was more visually appealing.\n Eric Geier\n\nOn a Sensor\u2019s page you can view a list of all SSIDs detected by the sensor, useful when analyzing channel usage.\n\n\nClicking on the gear icon in the upper-right brings up the Settings page. There you can configure the sensors, Wi-Fi, testing, thresholds, alerts and users. In the sensor settings, we finally discovered you can enable multiple SSID testing for a sensor. It\u2019s a great feature, but would be nice to know about ir earlier on when connecting to the SSIDs.\n Eric Geier\n\nExample of the Wi-Fi warning and error alert thresholds.\n\n\nOverall, we found the Cape Networks Sensor to be a solid Wi-Fi monitoring device with some advanced features, like a backup mobile Internet connection. The GUI has a simple look and feel while still offering advanced functionality. We didn\u2019t find any on-screen documentation or help, but their integrated chat-based support seemed very responsive.\nEyeQ Wi-Fi Monitor\nThe EyeQ monitoring platform from 7SIGNAL is another cloud-based service targeted towards Wi-Fi performance. The Wi-Fi monitoring can be done via one of their two hardware sensors or via their software-based sensors on Windows and Mac machines, or even Android and iOS devices. \u00a0In our review, we evaluated the EyeQ platform using Windows and Android deployment. Pricing starts at $33 per device per year with the possibility of volume discounts.\n Eric Geier\n\nThe EyeQ Dashboard gives you a quick overview of the sensor locations and stats.\n\n\nWhen installing their sensor software on computers and mobile devices, you must configure the app with your Organization ID so it connects to your account. After logging into the web GUI, you see the Dashboard, showing a map of the estimated locations of the sensors along with graphs for ping, throughput and signal strength. You can filter the data shown and specify the timeframe. You can also click to view more details for the ping and throughput data. That takes you to what looks like a different page but you must click their Back link (which isn\u2019t all that noticeable at first) instead of the browser\u2019s Back button or it will take you back to the sign-in page.\u00a0\n Eric Geier\n\nThe Ping graph detail page shows EyeQ comes preconfigured to ping against the most popular websites.\n\n\nOn the Reports page, you can view throughput results based upon client platform and the top 10 and bottom 10 clients for download and upload throughput. You\u2019ll see the results shown in a table format with data like the AP and channel the clients were connected through and the client\u2019s signal strength. This data can help you analyze and troubleshoot the Wi-Fi, but we think there could be more data given (such as throughput based upon time of day, or new data altogether like retry rates and roaming times), in different formats such as graphs, and exportable, like with a PDF.\n Eric Geier\n\nThe Reports of EyeQ are relatively simple and basic, showing a few pieces of data in a table format.\n\n\nOn the Profiles page, you can view and configure the test destinations and settings. We appreciate that it\u2019s loaded with generic defaults so you have something up and running from the start. For the most part, the settings were easy to understand and modify.\n Eric Geier\n\nThe Profiles page of EyeQ is where you can manage the testing configurations.\n\n\nOverall, we found the EyeQ monitoring platform to be simple and basic. This is good in regardless to user-friendliness, but we were hoping for a bit more advanced functionality. One major advantage of this platform over the other sensor solutions we reviewed is that you can easily employ existing computers and mobile devices as sensors, and aren\u2019t required to purchase and deploy their hardware.\nNetBeez Wi-Fi Monitor\nThe NetBeez Wi-Fi Monitor is another sensor product that you deploy throughout a Wi-Fi network for remote monitoring and troubleshooting. It\u2019s priced at $180 per sensor. They offer a cloud-based dashboard like the other similar services here, but NetBeez only offers it free if using only one sensor or agent. Pricing for the cloud service starts at $310 per month for up to 5 Wi-Fi and\/or wired sensors or agents.\nIn addition to the Wi-Fi sensor we evaluated, they also offer sensors for the wired network: a fast ethernet option and gigabit ethernet option. Plus they offer various software-based agent packages designed for GNU\/Linux, Raspberry Pi, cloud, and virtualization deployments.\n\nThe Wi-Fi sensor consists of a main unit which has a Raspberry Pi inside, powered by the included Micro USB power adapter. The unit is black and just over 1 inch tall, 2\u00bd inches wide and about 3\u00bd inches long. Plus there\u2019s a typical ASUS dual-band wireless adapter (USB-AC56) plugged into one of the USB ports, adding about 4 inches to the length of the entire unit, plus a 5 \u00bd inch antenna. The other USB ports can be used for resetting the device.\nOn the back, there\u2019s an Ethernet port to perform monitoring on the wide side as well. Unfortunately, it doesn\u2019t support PoE without the use of an additional Micro USB PoE adapter. On the side of the device, there\u2019s an HDMI port, which can be used for debugging and troubleshooting. There\u2019s also an audio port, which provides no functionality.\nWe reviewed the Wi-Fi sensor with software version of 1.2.0 and the cloud dashboard version 1.2.1. The first time logging into the dashboard we saw a welcome message with a link to their Guide.\nOn the Buzz tab, you see an overview of the alerts and associated graphs. The graphs are a good start, but we were disappointed that we couldn\u2019t easily adjust the time frame displayed. Additionally, we didn\u2019t find an apparent way to ignore\/delete alerts, which would be useful.\n Eric Geier\n\nThe Buzz tab is where you see an overview of any alerts.\n\n\nOn the Agents tab you can see an overview of the status and alerts per agent in an inventory list or thumbnail view. On the inventory list view, we liked how you can click the agent name to easily edit the name, but didn\u2019t find a way to open the agent page to view all the details. On the thumbnail view, you can however click a thumbnail to open that agent\u2019s page. Different views can be useful, but in this case it doesn\u2019t seem well thought out.\n Eric Geier\n\nOn an agent\u2019s page, you can view it\u2019s statuses, graphs and settings.\n\n\nOn the Targets tab, you can view and manage the targets and settings of the ping, DNS, HTTP and traceroute tests. And the Tests tab is where you view results of those tests, plus configure iperf, VoIP and speed tests. You can also run one-off tests via the Ad-hoc Testing tab.\n Eric Geier\n\nExample of configuring a ping, DNS, HTTP, and traceroute tests against a website.\n\n\nOn the Reports tab you can generate reports for network, agent, target and scheduled test statuses, all exportable to a PDF. On the Alerts tab, you simply see a listing of all alerts.\nIn the upper-right of the dashboard you can access the Settings page. There you can configure data retention, integrations, email reports and other server settings. You can also configure the alert profiles and methods - SMTP, SNMP and syslog. In the upper-right of the dashboard you can also access the help menu, which takes you their online documentation.\u00a0 \nOverall, the Netbeez Wi-Fi sensor is a good monitoring tool, but it\u2019s GUI can certainly be fleshed out to be more user-friendly. It took us a while to figure out how to connect it to a Wi-Fi network, for instance, which seemed to require many more clicks than it should. The home-made design with the Raspberry Pi doesn\u2019t provide an enterprise look and feel like other sensors, but some may appreciate the software deployment flexibility NetBeez provides. This solution is the only one reviewed here that supports wired monitoring as well.\nWiFi Pineapple Tetra\nThe WiFi Pineapple Tetra is a dual-band Wi-Fi auditing and penetration-testing device. It looks similar to a typical access point (AP) but is loaded with a custom OS, called PineAP. It contains penetration testing tools for Wi-Fi reconnaissance, man-in-the-middle, tracking, logging and reporting. Its main function is to imitate APs and trick clients into connecting to it, which then allows you to perform further penetration testing and ethical hacking.\n\nWe evaluated the TETRA Basic edition, priced at $199.99. The unit has a black plastic exterior and is about 5\u00bd inches wide, 1 inch tall, and 4\u00bd inches long. It also has four detachable antennas measuring about 7 inches long. On the front of the unit are three status lights. On the back is the power button, power input for the AC wall adapter, two micro USB ports, a full USB port, and an ethernet port. Along with the TETRA Basic edition comes a USB Y-Cable, wall AC power adapter, and a Quick Start Guide.\nAfter powering the device on for the first time, you must complete the initial setup. This involves uploading the latest firmware, setting a root password and optionally setting up Wi-Fi access to the device. After that, you\u2019ll see the Dashboard when logging into the web GUI.\n Eric Geier\n\nThe Dashboard of WiFi Pineapple shows the mains stats.\n\n\nOn the left menu, you can click through the different pages. The Recon page allows you to scan for APs and clients and then add those you want to the lists for profiling or to the PineAP pool or filter. You can also send de-authentication frames to clients that you want to kick off the network they\u2019re currently connected to. The AP and client list shows the basic network details, but we wish it was possible to filter or sort the list, for instance, by the signal level.\n Eric Geier\n\nThe Recon page of WiFi Pineapple is where you can initiate the scanning of Wi-Fi APs and clients and view their details.\n\n\nOn the Clients page, you\u2019ll see a list of details for the clients that are currently connected to the WiFi Pineapple. This includes the MAC and IP address, host name of device, which can help identify the type of device, and the spoofed SSID to which the clients are connected. You can optionally kick clients off the WiFi Pineapple, or add MAC addresses or SSIDs to the pools, filters, or tracking lists.\nOn the Modules page, you can add additional tools and functions, such as for man-in-the-middle attacks. There are currently more than two dozen different modules. Examples include a feature to show a stream of web browsing data and images from connected clients and a DNS spoofer to forge replies to DNS queries.\nOn the Filters page, you can list clients and SSIDs that you want to explicitly deny or allow to connect to the WiFi Pineapple. On the PineAP page, you can configure the main SSID spoofing settings and view the SSID pool - the SSIDs with which the WiFi Pineapple will automatically spoof clients.\n Eric Geier\n\nThe PineAP page of WiFi Pineapple is where you configure some of the spoofing techniques.\n\n\nOn the Logging page, you can view a list of the logs that show probe requests broadcasted by clients and also associations and deassociations of clients to and from the WiFi Pineapple. Although the list is filterable, it would be nice if it were also sortable. On the Reporting page, you can configure the reports to be automatically stored or emailed, but it would be nice to also be able to generate a report right away.\nOn the Networking page, you can view the routing table of the WiFi Pineapple, configure the access point for the management and open AP functions. You also can configure the wireless-client function if you want to get the internet feed via a Wi-Fi network. On the Configuration page you can configure general device settings as well the HTML or PHP code for the landing page that clients would see when they connect to the WiFi Pineapple, if you indeed choose to enable the landing page.\nThere\u2019s a Help page on the web GUI, which discusses most but not all of the pages and their features and settings. It would be even more helpful if some of these details were given throughout the GUI, such as by using tooltips. A wizard of some sort would also be handy to help in initially configuring the device and maybe wizards for configuring certain attacks.\nOverall, the WiFi Pineapple Tetra is a really neat and unique tool that could certainly aid in penetration testing and learning more about Wi-Fi security. There is a learning curve to understand exactly how to use the tool, some of which could be eased if there were some improvements to the GUI process and documentation.