Difference between revisions of "Wireless forensics"

From ForensicsWiki
Jump to: navigation, search
m (cracking only solutions with GPU acceleration)
m
Line 17: Line 17:
 
* [http://aircrack-ng.org/doku.php aircrack-ng]
 
* [http://aircrack-ng.org/doku.php aircrack-ng]
  
WPA/WPA2-PSK cracking only solutions with [[Forensics on GPUs|GPU acceleration]] (15-100 times faster than in CPU-only mode):
+
WPA/WPA2-PSK cracking-only solutions with [[Forensics on GPUs|GPU acceleration]] (15-100 times faster than in CPU-only mode):
  
 
* [http://www.elcomsoft.com/edpr.html ElcomSoft Distributed Password Recovery]
 
* [http://www.elcomsoft.com/edpr.html ElcomSoft Distributed Password Recovery]

Revision as of 14:56, 14 October 2008

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Wireless forensics is the process of capturing information that moves over a wireless network and trying to make sense of it in some kind of forensics capacity.

Wireless Local Area Networks

WLANs are standardized under the IEEE 802.11 series.

Common encryption technologies used by these networks are: WEP, WPA/WPA2-PSK, some networks have no encryption at all.

In order to decrypt intercepted secured WLAN traffic you should crack the encryption key. Note, that the only option for cracking WPA/WPA2-PSK keys is to do a brute-force password guessing attack. There are several WPA-PSK rainbow tables available.

Many commercial network forensics systems can intercept and decrypt WLAN traffic, for example:

As well as some open-source tools:

WPA/WPA2-PSK cracking-only solutions with GPU acceleration (15-100 times faster than in CPU-only mode):

Wireless Metropolitan Area Networks

GSM networks

Other networks