Wireless forensics is the process of capturing information that moves over a wireless network and analyzing it for forensic purposes.
Wireless Local Area Networks
WLANs are standardized under the IEEE 802.11 series.
Common encryption technologies used by these networks are WEP and WPA/WPA2-PSK; some networks have no encryption at all.
To decrypt intercepted traffic from a secured WLAN, you need to crack the encryption key. Note that the only option for cracking WPA/WPA2-PSK keys is a brute-force password-guessing attack. Several WPA-PSK rainbow tables are available.
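The following is an added example, not part of the original page. It shows how a WPA/WPA2-PSK passphrase becomes the 256-bit key using PBKDF2-HMAC-SHA1 salted with the SSID, which is why every guess costs 4096 iterations and why a precomputed table only applies to the SSIDs it was built for. The function names and the sample SSIDs are constructed for illustration.

```python
import hashlib

PMK_ITERATIONS = 4096  # iteration count fixed by IEEE 802.11i
PMK_LENGTH = 32        # the pairwise master key (PMK) is 256 bits


def derive_pmk(passphrase: str, ssid: bytes) -> bytes:
    """Derive the PMK for one passphrase on one SSID (hypothetical helper)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8-63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    # The SSID is the salt, so the result is specific to this network name.
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid, PMK_ITERATIONS, PMK_LENGTH
    )


def pmk_per_ssid(passphrase: str, ssids: list[bytes]) -> dict[bytes, str]:
    """Show the PMK (hex) the same passphrase yields on each SSID."""
    return {ssid: derive_pmk(passphrase, ssid).hex() for ssid in ssids}


if __name__ == "__main__":
    # Constructed sample input: one known passphrase, three network names.
    sample_ssids = [b"IEEE", b"HomeNet", b"HomeNet-5G"]
    for ssid, pmk in pmk_per_ssid("password", sample_ssids).items():
        print(f"{ssid.decode():<12} {pmk}")
```

An examiner who already has the passphrase for a captured network can use the derived key directly instead of guessing.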
Many commercial network forensics systems can intercept and decrypt WLAN traffic, for example:
- Mera Systems NetBeholder Mobile
- E-Detective Wireless Detective System
As well as some open-source tools:
WPA/WPA2-PSK cracking-only solutions with GPU acceleration (15-100 times faster than in CPU-only mode):