CTS 121: Capturing Wireless Frames with a Mac




Clear To Send: Wireless Network Engineering show

Summary: Capturing wireless frames is a must-know skill for any Wi-Fi network engineer.<br>
Capturing Wireless Frames with a Mac<br>
The MacBook Pro is an excellent tool for capturing wireless frames. The built-in wireless adapter can be used to sniff wireless frames in the air. As I like to say, the best troubleshooting tool you can have is the one that’s with you. Since I have my Mac with me all the time, I tend to capture frames wherever I go.<br>
There are many benefits to capturing frames. It’s a great way to learn how Wi-Fi works. This is how I got started. Understanding how Wi-Fi communication works through frame captures gives you the upper hand. One example is learning about the <a href="http://www.cleartosend.net/cts-015-authentication-and-association/" target="_blank" rel="noopener">802.11 State Machine</a>.<br>
When it comes to troubleshooting complicated issues, frames don’t lie. Not too long ago, my laptop had a difficult time connecting to public Wi-Fi. It frustrated me so much I decided to capture some frames. Within minutes I found out why. Just take a look at the screenshot below.<br>
<br>
Tools<br>
<br>
* MacBook Pro<br>
* <a href="https://www.adriangranados.com/apps/airtool" target="_blank" rel="nofollow noopener">Airtool</a><br>
* <a href="https://www.wireshark.org/#download" target="_blank" rel="nofollow noopener">Wireshark</a><br>
* <a href="https://support.metageek.com/hc/en-us/articles/115013527388-Wireshark-Configuration-Profile" target="_blank" rel="nofollow noopener">Metageek Profile</a> for Wireshark<br>
* <a href="https://mojopackets.com/" target="_blank" rel="nofollow noopener">Mojo Packets</a><br>
<br>
How To Capture Frames<br>
<br>
* Install Wireshark<br>
* Install the Metageek Profile<br>
* Unzip the file<br>
* Copy the directory to /Users/user/.config/wireshark/profiles/<br>
* Enable the profile in Wireshark by clicking on the bottom right of the open application. See screenshot below.<br>
* Install Airtool<br>
* Select the channel &amp; channel width to capture on<br>
* Start the capture and stop after a short time<br>
* Analyze with Wireshark or Mojo Packets<br>
<br>
Links and Resources<br>
<br>
* <a href="https://www.adriangranados.com/apps/airtool" target="_blank" rel="nofollow noopener">Airtool</a><br>
* <a href="https://www.wireshark.org/" target="_blank" rel="nofollow noopener">Wireshark</a><br>
* <a href="https://mojopackets.com" target="_blank" rel="nofollow noopener">Mojo Packets</a><br>
* <a href="https://support.metageek.com/hc/en-us/articles/115013527388-Wireshark-Configuration-Profile" target="_blank" rel="nofollow noopener">Metageek Wireshark Profile</a><br>
* <a href="https://www.wlanpros.com/resources/automating-wi-fi-packet-analysis-pyshark-brian-long-wlpc-us-phoenix-2017/" target="_blank" rel="nofollow noopener">Automating Wi-Fi Packet Analysis with Pyshark</a><br>
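The final step above, "Analyze with Wireshark or Mojo Packets", can also be scripted. The following is an added example, not part of the show notes: a standard-library Python reader that counts frame kinds in a capture and lists deauthentication and disassociation frames with their reason codes. It assumes the capture was saved as a classic pcap with radiotap headers (link type 127); the sample capture, its addresses and the helper names are constructed for illustration.

```python
import struct
from collections import Counter

MGMT = {0: "assoc-req", 1: "assoc-resp", 4: "probe-req", 5: "probe-resp",
        8: "beacon", 10: "disassoc", 11: "auth", 12: "deauth"}
ENDIAN = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # classic pcap magic

def frames(pcap):
    """Yield each 802.11 frame (radiotap header stripped) from a classic pcap."""
    end = ENDIAN.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap (pcapng is not handled here)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 127:
        raise ValueError("link type is not 127 (802.11 with radiotap)")
    off = 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        pkt, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(pkt) >= 4:
            rt_len = struct.unpack("<H", pkt[2:4])[0]  # radiotap is little-endian
            if len(pkt) >= rt_len + 2:
                yield pkt[rt_len:]

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def summarize(pcap):
    """Return (Counter of frame kinds, [(kind, sender, receiver, reason), ...])."""
    counts, leaves = Counter(), []
    for f in frames(pcap):
        ftype, subtype = (f[0] >> 2) & 3, f[0] >> 4
        kind = (MGMT.get(subtype, f"mgmt-{subtype}") if ftype == 0
                else ("control", "data", "extension")[ftype - 1])
        counts[kind] += 1
        if ftype == 0 and subtype in (10, 12) and len(f) >= 26:
            # Reason code follows the 24-byte header; unreadable when protected (802.11w).
            reason = None if f[1] & 0x40 else struct.unpack("<H", f[24:26])[0]
            leaves.append((kind, mac(f[10:16]), mac(f[4:10]), reason))
    return counts, leaves

# Constructed sample: beacon, auth, data, deauth (reason 6); addresses are made up.
AP, STA = bytes.fromhex("021122334455"), bytes.fromhex("02aabbccddee")
def sample_mgmt(subtype, dst, src, body=b""):
    return bytes([subtype << 4, 0, 0, 0]) + dst + src + AP + b"\x00\x00" + body
def sample_record(frame):
    pkt = b"\x00\x00\x08\x00\x00\x00\x00\x00" + frame  # minimal radiotap header
    return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 127) + b"".join(map(sample_record, [
    sample_mgmt(8, b"\xff" * 6, AP), sample_mgmt(11, AP, STA, bytes(6)),
    bytes([8, 1, 0, 0]) + AP + STA + AP + bytes(9), sample_mgmt(12, STA, AP, b"\x06\x00")]))
```

To run it on a real capture, pass the file's bytes to `summarize()`. Management frames that carry an HT Control field have a longer header and are not handled.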