Wireless Packet Capture, Monitoring and Reports
LAD offers a robust Wi-Fi system with more features than the typical wireless system. Its tool kit is designed to naturally support the operator’s needs and operations and promote efficient use of Wi-Fi, for example, by detecting which channels other devices and users are hogging, and which are relatively free of traffic (this is particularly useful for the heavily utilized 2.4G band).
LAD is capable of wirelessly capturing up to three Wi-Fi bands. LAD offers three modes of operation for Wi-Fi packet capture: dedicated packet capture mode, monitoring mode and a hybrid between the two.
Captured Wi-Fi packets may be downloaded from the Wifi Monitor page.
- After making any changes on the Wi-Fi monitor page or the Wi-Fi channel page(s), go to "Settings" from the Main Menu and click on "Reboot" at the top of the page to reboot LAD and apply the changes. Using the reboot option on the Settings page is better than powering LAD off and on because it ensures that all data gets properly stored before rebooting (it is also easier on the hard drive).
Dedicated Wi-Fi Packet Capture
If LAD’s Wi-Fi is used for dedicated packet capture, it will not allow the use of its Wi-Fi for routing or processing traffic, but will capture and record all Wi-Fi traffic that it detects, regardless of its source. In this mode, LAD is a great tool for debugging connectivity problems, to figure out which devices are having connectivity problems and so on.
To set up dedicated Wi-Fi Packet capture go to Wi-Fi Monitoring in the Wi-Fi section and find the desired band in the list of available bands. Checkmark “Monitor Only” and click on “Update.”
Checkmarking "Deny PCAP" when Wifi monitoring is engaged causes the captured packets to be discarded instead of saved, allowing you to monitor a channel and get reports on traffic without retaining the packets.
Wi-Fi Monitoring (standard)
When used in monitoring mode, all of the Wi-Fi bands may be used for routing and processing traffic while at the same time monitoring and capturing Wi-Fi activity and packets other than the activity routed by LAD, regardless of its source. In this mode LAD will generate reports on Wi-Fi channel utilization, which helps with the detection of over-congested bands. It is a convenient tool that gives you the information to react and switch to a different, less-loaded channel should your neighbor overload the one you are using.
Aside from routing traffic, one of the differences between monitoring mode and dedicated wireless packet capture is that in monitoring mode LAD captures and records only the packets that have NOT been processed through it, i.e., the wireless activity that pertains from other, non-LAD sources. This information and the reports generated from it give perspective on how congested a particular channel is.
Monitoring mode is the standard, default mode. To change a band that has been in dedicated monitoring mode back to standard monitoring mode, simply uncheckmark “Monitor Only” and click on “Update.”
Hybrid Wi-Fi Packet Capture & Monitoring
LAD also gives you the option of conducting dedicated packet capture on one or two bands, while using the other bands in the standard monitoring mode. This would allow regular use of one band, while allowing simultaneous capture and debugging one or both of the other bands (E.g., you can connect your computer on the 6G band and use the 6G Wi-Fi as normal, while at the same time LAD is capturing Wi-Fi packets and generating reports on the 2.4G band, letting you monitor and work at the same time without the need for a separate router).
LAD’s Wi-Fi activity reports provide information on the MAC addresses of the devices connecting wirelessly. With this information you can keep track of the new or unknown devices that may appear on the wireless network. It can also alert you of suspicious attempts to connect to your wireless network before they succeed and of what devices (by MAC address) come in the range of your wireless network.
In addition, you can also have the system retain the Wi-Fi packets themselves, which may be used to troubleshoot, debug or investigate suspicious network activity, such as attempts to penetrate the network through Wi-Fi. This last is an important point. While many imagine that Wi-Fi must have great security, the encryption protocols used by Wi-Fi are actual very weak.