Installation guide
Chapter 10
136 Sniffer Technologies
a Specify the length of the key by selecting the appropriate option.
Keys can be either None, 40-bit, or 128-bit. Use the None option
if no encryption is used on the network.
Depending on the length of the key specified, some or all of the
adjacent fields become active, enabling you to specify the keys in
use.
b Specify the exact value for each key in the adjoining spaces
provided.
NOTE: The four encryption keys in use on a WEP-encrypted network
are all typically the same length — either 40-bit or 128-bit.
7
Click OK on the Select WEP Keys dialog box.
The Sniffer software attempts to use the specified WEP keys to decrypt
the data in the selected buffer or trace file and opens a new window
with the results. If you specified the correct WEP keys, the new window
displays the newly-decrypted data. You can save the decrypted data to
a new trace file using the usual File > Save command.
NOTE: An easy way to determine whether you have entered the correct WEP
keys is to check for the presence of a large number of WEP-ICV Error Expert
alarms. If there are an abnormally large number of these alarms, you
probably have not entered the correct WEP keys for the encrypted data in
the selected buffer or trace file.
Expert Objects and Alarms for Wireless
Networks
The Sniffer software provides several additions to the Expert analyzer for
wireless networks, including:
Information for DLC layer network objects receiving or sending
information over a wireless LAN.
During Expert analysis, the Sniffer software constructs a database of
network objects from the traffic it sees. The Expert protocol interpreters
learn all about the network stations, routing nodes, subnetworks, and
connections related to the frames in the capture buffer. This information
is presented in the Expert display.