Wi-Fi forensics

Summary

Wi-Fi forensics uses wireless information capture and analysis techniques, to find the underlying causes of Wi-Fi problems.

Why is Wi-Fi forensics necessary?

Wi-Fi is still growing in popularity, and the Wi-Fi standard continues to evolve, becoming more complex as it adds performance and capabilities.

Meanwhile, technology improves, and there is growing diversity in devices that use Wi-Fi, for an expanding range of reasons.

Lastly, the electromagnetic spectrum being used is expanding, becoming more heavily used, and is subject to greater control by regulators.

Consequently, problems for Wi-Fi will continue to evolve and become more complex.

Wi-Fi specialists can keep up-to-date with everything that’s relevant, and use WiFi forensics to solve the difficult problems.

Wi-Fi has long since past the point where IT generalists can be effective in all matters relating to Wi-Fi.

Overview of Wi-Fi forensics

To solve Wi-Fi problems, it’s necessary to capture and analyse Wi-Fi traffic, and the energy in the electromagnetic spectrum that Wi-Fi uses.

This requires specialised hardware and software, understanding of how Wi-Fi works, and insight into energy patterns in the electromagnetic spectrum.

It’s also necessary to know how different Wi-Fi equipment implements the various versions of the Wi-Fi standard.

Finally, it’s important to understand how non-Wi-Fi equipment can interact and interfere with Wi-Fi traffic.

Wi-Fi traffic

Wi-Fi traffic capture screen-shot

Often problems are due to Wi-Fi devices not being coordinated to share the electromagnetic spectrum effectively.

In fact, it is quite common to find that multiple configuration options are not set optimally.

By capturing and analysing Wi-Fi traffic, many kinds of Wi-Fi problems and their causes can be identified, and so remedied.

Also, capturing and analysing Wi-Fi traffic can be the only way to learn about Wi-Fi devices that are not yours, but that affect your Wi-Fi network.

Radio frequency spectrum

Wi-Fi spectrum capture screen-shot

Wi-Fi devices share electromagnetic spectrum with many other kinds of devices.

Currently, almost none of those kinds of devices cooperate.

Additionally, there can be energy emissions in that spectrum that are not transmissions.

Problems arise when multiple transmissions use the same spectrum at the same time, and when transmissions meet emissions.

Analysing energy patterns in the electromagnetic spectrum that Wi-Fi uses is necessary to identify some of these kinds of problems.

Wi-Fi equipment

All Wi-Fi equipment has built-in software called firmware, and all Wi-Fi firmware has issues.

They range from parts of the Wi-Fi standard that have not been implemented, which is true of all devices, to debilitating software bugs.

Occasionally, how standards are implemented can create incompatibility problems between combinations of Wi-Fi equipment.

Thus, Wi-Fi equipment may not do what it is expected to.

To some extent this is can be understood by looking at their advertised capabilities.

In other cases, it’s necessary to know of implementation issues, publicly admitted by the maker, or not.