TamoSoft: Network Analysis Tools & Security Software
Contents

WLAN Analyzer and Protocol Decoder - CommView for WiFi
Site Survey Tool - TamoGraph Next Page
 
Introduction
About CommView for WiFi
What's New
Using the Program
Driver Installation
Overview
Scanner
Nodes
Channels
Latest IP Connections
Packets
Logging
Viewing Logs
Rules
Advanced Rules
Alarms
WEP/WPA Keys
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Scheduler
Node Reassociation
Using Remote Agent for WiFi
Using RPCAP
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Introduction
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations
Endpoints
Errors
Call Logging
Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Understanding CRC and ICV Errors
Understanding WPA Decryption
Understanding Signal Strength
Monitoring 802.11n Networks
Capturing A-MPDU and A-MSDU Packets
Multi-channel Capturing
Capturing High Volume Traffic
Running CommView for WiFi in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
Information
How to Purchase CommView for WiFi
Contacting Us

Node Reassociation

Given the dynamic nature of WPA encryption, knowing the WPA passphrase alone doesn't allow you to decrypt traffic immediately after entering the correct passphrase. To be able to decrypt WPA-encrypted traffic, CommView for WiFi must be running and capturing packets during the key exchange phase (key exchange is carried out using the EAPOL protocol). Please refer to the Understanding WPA Decryption chapter for detailed information.

 

The Node Reassociation tool can be used for initiating a new key exchange:

 

nodereass

 

This tool simply sends a deauthentication request to the selected stations on behalf of the access point. This causes the stations to reassociate with the access point. The reassociation process usually takes a second and lets CommView for WiFi capture EAPOL packets necessary for WPA-PSK decryption. Don't use this tool unless you need to decrypt WPA-PSK traffic on your WLAN.

 

To initiate a reassociation, select an access point from the drop-down list, select the stations, and click Send. The Send to all clients and Send to selected clients options send unicast packets to all or selected clients. The Send broadcast option sends a broadcast packet to the FF:FF:FF:FF:FF:FF address. While this option covers even undetected stations, some stations may ignore broadcast deauthentication requests. You may want to send several packets using the Packets to send and Interval boxes.