Wireless forensics

From ForensicsWiki
Jump to: navigation, search

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Wireless forensics is the process of capturing information that moves over a wireless network and trying to make sense of it in some kind of forensics capacity.

Wireless Local Area Networks

WLANs are standardized under the IEEE 802.11 series.

Common encryption technologies used by these networks are: WEP, WPA/WPA2-PSK, some networks have no encryption at all.

In order to decrypt intercepted secured WLAN traffic you should crack the encryption key. Note, that the only option for cracking WPA/WPA2-PSK keys is to do a brute-force password guessing attack. There are several WPA-PSK rainbow tables available.

Many commercial network forensics systems can intercept and decrypt WLAN traffic, for example:

As well as some open-source tools:

WPA/WPA2-PSK cracking-only solutions with GPU acceleration (15-100 times faster than in CPU-only mode):

Wireless Metropolitan Area Networks

GSM networks

Other networks