Wireless communications has been accepted by many organizations and users as
it allows to be flexible and portable with increased productivity and lower
installation costs. It can be moulded and designed to address different usage and
user needs. WLAN able devices allow users to move their wireless devices from
place to place within the office without the need of wires and without losing network
connectivity. It is a well known fact that the wireless networks are vulnerable to
many attacks. Some of the attacks may include interception of sensitive information
that is not encrypted and transmitted between two wireless devices. Ad hoc
transmissions within the network can even compromise the security of a network.
Intruders can interfere from inside or out of the network in order to gain connectivity
to network management controls and thereby disrupting network resources. In
most cases the attackers cannot be traced or the purpose of the attack is not
known. Even though we have access to the AP's log files, it has very less
information stored in it. Most of the AP's do not provide syslog facilities so that the
logs can be stored at some other server. With the increase in the number of attack
tools, security of wireless technologies has become a primary concern. This paper
is all about building a device that would be able to watch all the WLAN data and
analysing all the traffic coming and going out of the wireless AP.
Keywords: Wireless local area network (WLAN), Access Point (AP), Forensic, WiFiTools,
WEP, WPA, 802.11
INTRODUCTION