 |
||
United States
UK
 |
||
       |
||
 |
||
OmniPeek Product Family
AiroPeek VX
EtherPeek SE & NX
EtherPeek VX
Hardware
Other Products
|
AiroPeek NX Only
AiroPeek SE & AiroPeek NX
AiroPeek NX Only
The Profile tab lets you save Peer Map configurations settings into a single profile that controls the appearance and layout of the Peer Map. The Configuration tab lets you control what part of the traffic in the Capture window’s buffer is displayed in the Peer Map. The Node Visibilities tab displays node counts, and nodes that are both shown and hidden in the Peer Map. For example, if this option is set to Always Hide, then all nodes that have not had their visibility assigned by the user will be hidden. This is useful if, during a live capture, the user doesn’t want new nodes to appear on the Peer Map as they are discovered.
The space shows you where protocol segments start and stop within conversations. This option is configurable by clicking the Options button. (Different from going to Tools -> Options).
Right-click on any Expert event and choose EventFinder Settings. Click the Show Info button for a description of the event and possible causes and remedies.
AiroPeek SE & AiroPeek NX
Since all WildPackets products make use of the underlying Operating System for all time computations, no patch will be necessary for our products to operate correctly with the new Daylight Saving Time Change. Important Vista Note: Vista Operating System has a facility for dynamic Daylight Saving Time calculations that takes into account the fact that different years may have different DST dates. The next release of the OmniPeek Product Family (available end of Jan. 2007) will include the code to use this new operating system facility. The end result is that everything will work correctly with Vista, but if a user has XP with the DST hotfix installed, the duration of captures that span the actual time change in past years may be incorrect since XP does not have the facility to understand that different years may have different DST dates.
AiroPeek 3.1 will load and run on 64 bit operating systems in 32 bit compatibility mode and supports AMD and Intel x86 processors including the 64 bit capable Pentium and Xeon processors.
Send functions (e.g., commands in the Send menu and Send window) cannot send packets via a wireless adapter when that adapter is being used to capture packets.
The BSSID and ESSID option under the Select Channel is only for selecting a wireless channel. This option does not filter out specific wireless traffic, creating an advanced filter will accomplish this for you.
When selecting the channel by ESSID in the 802.11 section of the Capture Options dialog, the behavior varies depending on which driver you're capturing from. For example, the Atheros driver will search for the specified ESSID for 2 seconds. If that ESSID is found, it will change to the channel which corresponds to that ESSID; otherwise, it will remain on the current channel.
CRC errors are the only error type captured by AiroPeek. All error packets are processed by Network, Summary, Size, and History statistics. However, in Network statistics, error packets only count for total packet and byte count, not for broadcast and multicast counts. Node, Protocol, and Channel Statistics do not process error packets. The "802.11 Analysis" plug-in is currently the only plug-in that processes error packets. Most summary statistics information comes from plug-ins.
This may be caused by a display DPI setting that is larger than 96 DPI. Confirm that the display's DPI setting is set to 96 DPI by checking the configuration for this setting in the Advanced Settings portion of the Display Control Panel.
Yes, with the use of an Atheros chipset based adapter and the WildPackets 3.0.1.x Atheros driver, WPA-PSK is supported in AiroPeek 3.x.
Currently WPA2 is not supported.
AiroPeek supports TKIP and WEP encryption.
It is not possible to use the 'Send' feature for control and management packets. The Send feature will work with 802.3 data packets only. Control and management packets in a trace file were used for previous wireless transmissions. When you attempt to send them via AiroPeek, the driver for the 'Send Adapter' will not forward them. While AiroPeek has the ability to send 802.3 frames, it was not designed to replay wireless trace files and 'simulate' wireless traffic.
Yes, if your adapter has an Atheros chipset, the WildPackets Atheros driver will allow noise measurements to be passed to AiroPeek. (This is an approximate measurement by the wireless adapter).
If the adapter driver hasn't already timestamped the packet, the timestamp is provided by the Peek driver.
Network analysis tools are powerful and must be protected from misuse. Data captured and sent across the network may be sensitive, so AiroPeek has been designed from the ground up to adhere to strict IT security requirements.
In the Capture/Monitor Options, select Performance. For peak performance, right click on one of the features and choose Disable All. This way, AiroPeek will function at peak performance, but the features are still available when needed. When you need a particular feature, you can always enable it. As you enable/disable individual features, the performance bar at the bottom of the Performance Options dialog will move to show you an estimate of the impact of each feature. Here are a few more tips to improve the performance of AiroPeek:
In order to capture wireless traffic with AiroPeek, you must install a custom WildPackets driver. A list of supported cards and the WildPackets drivers can be found here: Please find your card from the list and download the appropriate driver. ***First install and test the adapter with the OEM driver. Do not install the WildPackets driver until the adapter is functioning properly on your network using the OEM driver*** Also, be sure to follow the ReadMe carefully; you must choose 'Don't search. I will choose the driver to install.'
Peek *must* capture the complete (EAPOL) key exchange to successfully decrypt WPA-PSK encrypted traffic. This exchange consists of the 4 packet Pairwise Master key (PMK) and the 2 packet Group Temporal Key (GTK). Below is an example of a successful EAPOL capture.
Please refer to the AiroPeek Supported Wireless Adapters page, for a current list of wireless adapters that are supported by AiroPeek.
When WMM (802.11e) is enabled WPA-PSK decryption will fail, some adapters have an Advanced Settings Tab that will allow this feature to be disabled. If your adapter does not have this setting, disable the feature on the corresponding Access Point. Once you have disabled the feature on the client's adapter who is sending the traffic of interest or the AP, you should be able to decrypt the traffic completely. |
|
||||||||||
| COPYRIGHT © 2008 WILDPACKETS, INC — PRIVACY STATEMENT · CONTACT US | CORPORATE · PRODUCTS · SOLUTIONS · SERVICES · SUPPORT · PARTNERS · BUY NOW |
|
All registered and unregistered trademarks are the sole property of their respective owners |
|