1 / 28

QuickStart for AiroPeek

QuickStart for AiroPeek. January 2002. The History of WildPackets. 1990: Introduced a Macintosh-based EtherPeek protocol analyzer 1996: Windows-based version of EtherPeek released

magee
Télécharger la présentation

QuickStart for AiroPeek

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. QuickStart for AiroPeek January 2002

  2. The History of WildPackets 1990: Introduced a Macintosh-based EtherPeek protocol analyzer 1996: Windows-based version of EtherPeek released 1998: The iNetTools (under a different name at the time) were developed to allow active network testing such as a port scan and ping scan 2000: Changed name from AG Group to WildPackets 2000: Acquired Net3Group, makers of NetSense 2001: Acquired Optimized Engineering which is now the Professional Services arm of WildPackets 2001: Released AiroPeek to extend into the wireless market place

  3. Current Customers Include.. Motorola, NY Times, 3Com, IBM,, Talk City, Condé Nast Publications, Novell, US Air Force, National Institutes of Health, DARPA, NASA Sandia National Labs, Liberty Mutual Insurance, EDS, GTE Information Services Apple Computer, Boeing, Cisco Systems, Microsoft, Nortel Networks Ericsson, Bank of America, Lucent Technologies, Yahoo!, FAA, Lockheed Martin, Xerox Corp., Lawrence Livermore National Labs and many, many K-12 and higher educational institutions in the United States and abroad.

  4. Today’s Agenda • Launching AiroPeek • Examining network statistics • Overview of protocol layers • The Packets and decode windows • Using filters to isolate problems • Alarms and the Log Window • The iNet Tools • NetSense • Protocol Analysis Training Options

  5. What is a Protocol Analyzer and when can it be used • AiroPeek is an example of a protocol analyzer • also referred to as a packet analyzer • An analyzer can ‘see’ the conversations between networked devices • By evaluating the traffic network problems can be identified • An analyzer is also useful in proactively monitoring a network to identify potential issues, before they turn into serious problems • We produce an analyzer for Ethernet and Token-Ring as well as Wireless 802.11

  6. Getting Started with AiroPeek • In the 1.1 release, Supported Interfaces include: • Cisco Systems 340 and 350 WLAN Adapters • Symbol Spectrum24 11Mbps DS WLAN PC Card • Nortel Networks e-mobility WLAN PC Card • 3Com AirConnect 11 Mbps DSSS WLAN PC Card • Intel(R) PRO/Wireless 2011 LAN PC Card • AiroPeek runs under Windows 98, Windows ME, Windows NT 4.0 (service pack 3, or later), or Windows 2000 • To optimize AiroPeek's overall performance, a Pentium 166 MHz or faster processor with 64 MB RAM is recommended

  7. Statistics There are two location for statistics

  8. Report Examples… Utilization Packet Size Distribution Nodes Statistics

  9. Summary Statistics • Overview of network traffic • Includes 802.11 specific analysis • Attacker analysis • Upper layer information

  10. Examples of Web-Based Reports

  11. The Interpretation Of Statistics • Are the protocols seen what you expect? • Are the packet sizes consistent with the activity? • Is utilization at an acceptable level? • Are the ‘top talkers’ the right ones? Covered in WP101

  12. Application Presentation Session Transport Network Data Link Physical Covered in WP100 Overview of Protocol Layers • 802.11 and/or Ethernet are responsible for the local movement of the frame • IP is responsible for the routed travel of the packet • TCP and UDP identify the upper layer protocol via a Port number. TCP ‘guarantees’ the delivery of the data • Application layers such as FTP, Telnet, and HTTP provide the functionality to the user’s program Troubleshoot from the bottom up

  13. Configuring AiroPeek for WEP • WEP (Wired Equivalent Privacy) is a data encryption technique supported as an option in the 80211b WLAN Protocol • Because WEP encrypts all data above the 802.11b WLAN layers, it can prevent AiroPeek from decoding other network protocols • Options -> Tools -> 802.11

  14. Covered in WP106a Setting the WEP Key Set

  15. Getting Started Capturing… • Capture -> Start Capture • Click OK • Click on the Start Capture button

  16. Covered in WP106 Packets View • Packets scroll past in real-time

  17. Data Rate: Data rate (1, 2, 5.5, or 11 Mbits per second) at which the body of this packet was transmitted. Signal: The percent of maximum allowable transmission power detected in the receipt of this packet. BSSID: Displays the ID number of the access point or base station to whose traffic this packet belongs. WLAN-Specific Columns Channel: Channel on which the NIC is listening

  18. Details, Details.. Double-click on a packet to see the detailed decode and hexadecimal view P D N T S P A Covered in WP103&4

  19. Getting Started With Filters Post-Capture Filtering A Real-Time Capture Filter

  20. Alarms and Log Window • Right click on a statistic to Make Alarm • View ->Alarms • Tools -> Notification to specify the action to take Alarms Log

  21. iNetTools For example, Ping Scan… Covered in WP101

  22. Obtaining iNetTools • The iNetTools are available as a separate demo download • Installing the iNetTools is a choice when running the AiroPeek Installation program

  23. NetSense Overview • Open a file • File Summary • DLC (Data Link Control) Error Expert • Frame Size Chart • Protocol Chart • Problem Finder • Network Peer Map • Client/Server Expert • Other Possibilities: • ProAnalyst ToolBox • Response Time/Latency Analysis • Throughput Analysis Covered in WP104

  24. Client/Server Expert

  25. 802.11 Specific Information

  26. Professional Services WP100: Foundations Of Network Protocol Analysis WP101 or WP101W: Network Troubleshooting Methods Using EtherPeek or AiroPeek WP103: TCP/IP Protocol Analysis Methods WP104: Advanced TCP/IP Protocol Analysis WP106: 802.11 Wireless Network Analysis Using AiroPeek and Coming Soon: WP105: AppleTalk and Mac OS/X Network Analysis AATech: Applied Analysis Technician PAS: Protocol Analysis Specialist NAX: Network Analysis Expert

  27. Questions? ? ? ? ? ? ?

  28. www.wildpackets.com

More Related