Q Analyzing Wireless Traffic Requirements: We will be conducting some basic wireless network forensics of your local wireless network or network you can connect to. Please follow all rules and TOS agreements set forth by your service or network provider. If you are unable to use your home wireless network, a public Wi-Fi provider may be used. You will have two options for setup with this lab: • Download Kali VM and mount a USB Wi-Fi adapter • Download Kali image file and use win32diskimager to write the file to a USB drive. Then, boot your laptop or computer from the USB drive in “Live Mode” and complete the lab using an internal wireless adapter. If you are unable to setup either instance for this lab, please contact the instructor for alternative solutions. Part 1: Setup your Kali VM (Not USB) 1. Download, setup, and install a Kali VM on your computer in one of the two ways listed above. 2. Plug in your USB wireless device and attach it to your VM by clicking on the appropriate icon that lists your device and select “connect”. 3. Open a terminal, and type “ifconfig -a”. You should see a wlan0 at the bottom of the printout. a. At this point if you do not have a wireless adaptor displayed, contact the instructor for assistance. 4. Type “kismet”. 5. Open a browser and navigate to ‘http://127.0.0.1:2501 Could not access login page using the loopback address. Had to use VM ip instead. 6. At the prompt, use admin and password as credentials. 7. Click “Ok” 8. In the top left, click on the hamburger menu icon (three stacked horizontal lines) and select “Data Sources” 9. Click on the drop-down triangle next to your wireless interface (usually wlan0 or wlan0mon) and select “enable” 10. Close the “Data Sources window” a. It may take a few seconds for network information to be displayed. 11. What information is being displayed to you now that may be useful in an investigation? 12. Double-Click on the network you will be investigating. RECORD THE CHANNEL AND BSSID OF THE ACCESS POINT (under the device info dropdown).What information is being displayed to you and how would it be useful in an investigation? 14. Under the ‘Wi-Fi (802.11)’ drop down, record the associated clients.a. Click on them to see additional details b. What information is being displayed and how is it useful in an investigation? 15. Close out the browser window. 16. In the console window, hold “CNTRL C” to stop the kismet server 17. Type “iwconfig <your interface> chan #” where # is the channel number of the wireless network you are targeting. a. Why would you need to set a channel number?b. What could possibly happen in an investigation where an interface is monitoring on all channels and not a specific one?
View Related Questions