Contact Us Champlain.edu  
The Leahy Center for Digital Forensics & Cybersecurity
The Leahy Center for Digital Forensics & Cybersecurity

Access Point Tool Review

Research Projects

accesspoints

The access point project was designed when local law enforcement asked the LCDI to find and recommend a tool that could examine access points. For those who don’t know much about access points, they are devices that allow access to the network. When you connect your laptop or cell phone to a network wirelessly, you generally use an access point. The ability to examine access points can provide information about the network and devices connecting to it. When law enforcement asked us to conduct a survey on different access point examination tools, they had a list of certain criteria they wanted their tool to be able to do which included: the ability to see network details, GPS mapping functions, logging capability, plotting access points on a map, and reporting features. It was up to us here at the LCDI to find the perfect survey tool.

We looked at several different companies who made tools that were designed to look at access points. Most of these tools were built to examine access points so a Network Administrator could design and troubleshoot their network to work in the most optimal way possible. These tools were designed for network troubleshooting, rather than investigative field work. There was one company that stood out to us in paticular.

Fluke networks is a versatile tech company that has many specialties, one of which is network troubleshooting. They designed a tool called the AirCheck WiFi Tester, which is intended for use by law enforcement rather than network administrators. I decided to test this tool, along with another advanced networking tool from Fluke, the AirMagnet Survey Pro. This tool is not designed for law enforcement, but has more of the capabilities that local law enforcement requested such as GPS mapping functions and plotting access points on a map.

Because Fluke networks is so popular and many people buy their products, they demo out their tools for a short period of time. We requested a demo for both the tools so we could test them, compare them, and determine which one would be best for law enforcement.

AirCheck WiFi Tester
The first tool we received to demo was the AirCheck WiFi tester. The AirCheck™ WiFi Tester is a dedicated, handheld, stand alone device designed for examining wireless access points. It is designed so law enforcement can easily locate access points in the area, look for networks, see what clients are currently communicating, and better analyze their surroundings. It is set up with a home screen that can analyze different parts of the network as shown below.

AirCheck has some really  cool features. It can show signal to noise ratio on each channel and display which ones are heavily active. You can get information about individiaul networks including security features and what devices are connected to it. You can also locate a device that is giving off a signal using the provided antenna.
AirCheck has a virtual online demo that anyone can try if they want to explore these different views mentioned above.
This tool costs about $2000, which seems expensive; however, it could save law enforcement time, money, and resources in the long run. When in the field, they can quickly determine if there could be unsafe networks or alternate access points someone may be accessing, allowing them to narrow down their scope and spend time investigating one small, particular area rather than a wide area.

AirMagnet Survey Pro
The AirMagnet Survey Pro is another tool created by Fluke Networks that is designed for network planning. Although this tool is not geared towards law enforcement, it has many powerful capabilities that local law enforcement were looking for in an access point tool. So, we decided to try out the program by downloading the free demo onto a laptop.

Not all of the tools capabilities were available to us in the demo version, however, the tool provided us with an explanation of each of the features we could not use. There were also some pre-made tests loaded up that made testing this tool easier.

When set up properly this tool maps out access points and shows signal strengths of the access points on a heat map. It also allows investigators to map out their route so they can see the path they took. This software is great for looking at large scale network information.

Shown below is a premade test the that came with the demo. This shows how the investigator can easily filter out a specific SSID to see signal strength, or switch views to see further information about other SSIDs.

While the visual interface makes it easy to view the areas access points, there is some setup required. The user must upload either floor plans or GPS information. There is some setup required to get the tool running, so although it can show the information very clearly, it may not be best for quick, on the site work.

Conclusion

Both tools are great, but they are both designed to do different things. Although AirMagnet Survey Pro is a great tool for network planning, and fits more of the criteria law enforcement requested, we believe the AirCheck is better. It has an easier interface to use and can do quick on-site evaluations, while the AirMagnet requires a more technical knowledge and requires time to setup. While we were impressed with the capabilities of both tools, we believe the AirCheck WiFi Tester would be more beneficial to the needs of our local law enforcement.​

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment

CyberRange Team: Creating The Perfect Sandbox Environment

The Internet of Things Team: An Inside Look

The Internet of Things Team: An Inside Look

CyberTech: Creating a Safer Internet Through Education

CyberTech: Creating a Safer Internet Through Education

Burlington, Vermont
© Copyright 2024 | Champlain College Incorporated, Burlington, VT | (802) 860-2700 or (800) 570-5858