The Decryption Keys Management Dialog

This dialog window (shown in Figure 8) can be used to organize the keys that will be used to decrypt the wireless packets. It is possible to decrypt packets encrypted with WEP, WPA and WPA2. However, note that:

In order to decrypt WPA and WPA2 you will need to capture the 4-way EAPOL handshake used to establish the pairwise transient key (PTK) used for a session.

Wireshark can only decrypt “WPA personal” sessions, which use pre-shared keys. Decryption of “WPA Enterprise” sessions is not supported.

As explained in “The Wireless Toolbar” section, there are three possible decryption modes: None, Driver and Wireshark. The keys specified in this dialog will be used either by the Driver or Wireshark depending upon the selected Decryption Mode. It should be noted that WPA and WPA2 are decrypted only in Wireshark mode.

Note that, no matter which setting is used, the keys are applied to the packets in the same order they appear in the keys list. Therefore, putting frequently used keys at the beginning of the list improves performance.

To add or remove a key, use the “Add New Key” or “Remove Key” buttons, respectively. “Edit Key” allows you to change the value of an existing key. “Move Key Up” and “Move Key Down” can be used to change the order of the keys. This may be an important performance consideration, since the driver uses the keys in the order they appear in this list.

Use the “Select Decryption Mode” drop-down box to switch among the different decryption modes.

Figure 8: Decryption Keys Management Dialog in Wireshark


AirPcap User’s Guide


AirPcap Wireless Capture Adapters specifications

Cace Technologies AirPcap Wireless Capture Adapters are essential tools for network professionals aiming to monitor, analyze, and troubleshoot wireless networks. These innovative devices enable packet capture and analysis over 802.11 wireless networks, providing insights that are crucial for maintaining network integrity and performance.

One of the main features of AirPcap adapters is their ability to capture raw 802.11 packets in real time, including management, control, and data frames. This capability allows for a comprehensive view of wireless communications, assisting engineers in identifying issues like signal interference, unauthorized access points, and potential security breaches.

Another significant characteristic is the support for the 802.11a/b/g/n standards. This wide-ranging compatibility ensures that users can effectively analyze traffic across various network types, regardless of the generation of equipment being utilized. Additionally, AirPcap adapters are equipped with advanced features like packet injection, which is beneficial for testing network robustness and security defenses.

The wireless capture adapters are often praised for their seamless integration with popular analysis tools such as Wireshark. This combination provides users with a powerful interface for performing in-depth packet analysis, enabling the decoding of complex protocols and offering visualizations that aid in understanding network behaviors.

For ease of use, AirPcap adapters come equipped with a compact design and user-friendly software. They can be connected to laptops or portable devices, making them ideal for field use. Their portability ensures that field technicians or network analysts can perform assessments in various environments without the need for extensive setup or configurations.

Security is another critical aspect where AirPcap shines. These adapters allow for the capture of encrypted packets, provided the user has the appropriate decryption keys. This feature is particularly valuable for troubleshooting security protocols and ensuring that data transmitted over the network is secure.

In conclusion, Cace Technologies AirPcap Wireless Capture Adapters are versatile and powerful tools for any network engineer or security professional. With their ability to capture and analyze a wide range of wireless traffic, their compatibility with industry-standard tools, and their advanced features, AirPcap adapters are indispensable in today's increasingly wireless world. Whether used for routine monitoring, troubleshooting, or security assessments, these adapters offer a robust solution for wireless network management.