Wireshark 7 – WiFi / 802.11 Network Analysis and Security Using Wireshark

This course is designed for Networking, Government and Security personnel who need to develop a set of packet investigation techniques through study of the WiFi and Wireless Networking Protocols using Wireshark and other Open-Source Analysis tools. Successful completion of this course will provide these individuals with a pathway into the field of Wireless Network Analysis.

Format: 5 days Classroom Instruction

Start/End Times: 0830-1630

Recommended Class Size: 5-12

Audience: Intermediate

Recommended Prerequisites: Completion of Wireshark 1 or equivalent networking and Wireshark experience

More information: www.scos.training



WiFi / Wireless Network Analysis is a specialized subset of traditional Network Analysis and encompasses not only the skill of capturing data, but also the ability to discern unusual patterns hidden within seemingly normal network traffic. This course will provide the student with a set of analysis techniques focusing on the use of vendor-neutral, Open-Source Tools to provide insight into the following areas:

  • Wireless Network Analysis fundamentals using Open-Source Wireless Network Analysis Tools to analyze traffic patterns associated with Wireless network behavior
  • Wireless focused network security principles including encryption technologies and defensive configurations of network infrastructure devices
  • Recognition of a variety of issues that affect WiFi/WLAN-based networks and the quality of the data.

Factors including latency, out-of-sequence packets, packet loss and retransmissions, and how the end user experiences them, will be analyzed and evaluated. Key Wireless-related protocols including Data, Management and Control, and related supporting protocol architectures, will be examined.

  • Advanced Wireless Network Analysis techniques including data traffic reconstruction and viewing
  • Specialized Wireless-based investigative techniques for the Internet of Things (IoT) enabled devices

Real-World examples will be utilized throughout the course in conjunction with numerous hands-on exercises to provide field-proven, practical analysis skills. Attendees will receive a student guide including numerous reference files and networking and forensics tools, as well as a library of reference documents.


Course Details:

I. Introduction

  • Logistics

II. Wireless and RF Fundamentals

  • WiFi Fundamentals – Propagation, Interference and Measurement
    • Wireless Technology & Nomenclature
      • WiFi / Wireless Benefits
      • Competing Standards
    • RF Propagation and Interference
    • Wireless Antennas
      • Antenna Theory, Types and Placement
      • Wireless Channel Restrictions
    • Power Measurements
      • Decibel Calculations – Calculating Gains and Losses
  • Building a Wireless Network – Hardware and Communication Architectures
    • Hardware
      • Access Points
      • Antennas
      • Selection Criteria
    • Service Sets
      • Basic Service Set (BSS)
      • Basic Service Set Identifier (BSSID)
      • Extended Basic Service Set (ESSID)
      • Device-to-Device (Ad hoc) Communication
  • Recap – Analyzing the Wireless Network – Data Collection
    • Location – How Network Infrastructure Devices Affect Capture and Analysis
      • Switches, Bridges, Routers, Firewalls, CSU / DSU and SBC
    • Multimedia Data Collection – Tips & Techniques
    • Capture Configuration and Multiple Captures
      • Configurations – LAN vs. WiFi / WLAN IEEE 802.11
      • Real-time vs. Post Capture Analysis
      • Monitoring current traffic

III. IEEE 802.11 Technologies – The Beginning: IEEE 802.11a / b / g

  • Frequency, Bandwidth & Channel Considerations
  • Spread Spectrum Technologies
    • Frequency Hopping Spread Spectrum (FHSS)
    • Direct Sequence Spread Spectrum (DSSS)
    • Orthogonal Frequency Division Multiplexing (OFDM)
    • Spatial Division Multiplexing (SDM)
  • Wireless MAC Layer
    • Finding a Service Set
    • Connecting to a Service Set
    • Authenticating & Associating to a Service Set
    • Moving Between Service Sets
    • Disconnection from Service Sets
  • Wireless Frame Addressing
    • Transmitter vs. Source Address
    • Receiver vs Destination Address
    • WiFi Frame Forwarding
  • Wireless Data Transmission
    • Arbitration – RTS & CTS
    • Interframe Spacing
    • Collocation & Throughput Considerations
  • Wireless Fragmentation & Acknowledgement
  • Wireless Network Statistical Assessment
    • Wireshark WiFi Supplemental Features
  • Wireless Network Analysis Using Expert Systems
  • Tracking & Reconstructing Wireless Data Flows

IV. IEEE 802.11 Technologies – The Transition: IEEE 802.11n

  • Overview & Terminology
  • IEEE 802.11n RF Propagation
    • Beam Forming
    • Multiple-in / Multiple-out (MIMO)
  • IEEE 802.11n Frame Format & New Fields
    • WiFi Quality of Service (QoS)
    • Frame Aggregation
      • MSDU / MPDU

V. IEEE 802.11 Technologies – The Enhancements: IEEE 802.11ac / ad

  • Overview & Terminology
  • IEEE 802.11n Frame Format & New Fields

VI. Wireless Technologies: The Future – SoHo and IoT

  • IEEE 802.15 Bluetooth
  • IEEE 802.16 WiMAX
  • Home RF
  • IEEE 802.15.4 ZigBee
  • Infrared
  • PBCC
  • 3G / 4G / 5G

VII. Wireless Site Survey and Optimization

  • Installation Considerations
  • Identifying Interference Sources
    • Types of Interference & Spectrum Analyzer Analysis
  • Integrating Wired & Wireless Networks
    • Maximizing Colocation & Throughput

VIII. Wireless Security – Vulnerabilities and Threats

  • Overview of WiFi-based Security Vulnerabilities
  • Rogue Devices
  • Man-in-the-Middle
  • Malware / Ransomware
  • Denial of Service (DoS / DDoS) Attacks
  • Bots / Botnets
  • Fixing the Problem
    • Security Recommendations
    • IEEE 802.1X RADIUS Overview
    • Wireless Encryption
      • Wired Equivalency Protocol (WEP)
      • WiFi Protected Access (WPA / WPA2 / WPA3)

IX. Where do we go from Here?

  • Wireshark 0 – TCP/IP Networking Fundamentals Using Wireshark
  • Wireshark 1 – TCP/IP Network Analysis
  • Wireshark 2 – Advanced Network and Security Analysis
  • Wireshark 3 – Network Forensics Analysis
  • Wireshark 4 – Mobile Device Forensics Analysis
  • Wireshark 5 – Cloud and Internet of Things (IoT) Advanced Network Analysis
  • Wireshark 6 – VoIP Advanced Network Analysis
  • Wireshark 7 – WiFi Advanced Network Analysis
  • Wireshark 8 – SCADA and ICS Advanced Network Analysis