I’m currently studying for a postgrad in Cyber Security, and have had a practical assignment come up. Obviously I won’t be going into the details of the assignment here, but it’s not unreasonable to say that it involves measuring wireless network performance and throughput under a selection of different conditions.
The original labs for this were done during the lecture, and so I have a set of results which I could use. However, there were too many variables for me to feel comfortable with those results (multiple students connecting at different times for traffic analysis, above anything else), and we only took a limited number of results for each environment, so I’ve decided that I can do better on my own and will build my own lab for the purpose. More importantly, I can automate it, so that the extent of my effort in collecting the results can be reduced to kicking it off overnight and starting analysis in the morning.
So firstly there’s the shopping list, which is mercifully short and low-budget:
- A desktop or laptop PC with enough grunt to run a couple of VMs, a couple of network ports, and as many USB ports as possible (that one’s important).
- Two USB wifi dongles capable of running in monitor mode – the standard in this area seems to be the TP-LINK TL-WN722N (currently around £11.50 from Amazon). I keep a few of these lying around because they keep coming in handy.
- A router which can support different network and security protocols, and can run an SSH server for configuration. For routers I pretty much always go with the GL.iNet range, again because I have a few lying around for different projects (out of stock from Amazon).
- Some network and USB cables.
The aim is to minimise the amount of running around required, and the requirement to have multiple physical systems involved. The steps to create the lab were also pretty easy:
- On the physical machine, make sure the hypervisor will let you assign a wireless dongle to each of the two VMs – this one took me some headbanging to sort out, dealing with issues around how Hyper-V handles network cards, and other issues around VirtualBox’s handling of USB dongles. The final solution was to handle the networking side in the host OS, and just assign them as network connections to the guest Ubuntu machines via VirtualBox.
- Create two VMs (I’m planning to add a third for management purposes, so a whole suite of tests can just be scripted to run overnight, but this is a start) and drop an OS onto them (after fun trying to get Atheros drivers on Linux I ended up with an older Ubuntu distribution, which worked just fine).
- Connect the router with a network cable, and the two USB dongles with extension cables, to your host machine. For now the two VMs can share the host machine’s network connection (for software downloading purposes).
- Install iperf on each of the guest machines, and set up the wireless network as desired for testing
- Switch the network connections for the two guests over to one wifi dongle each, connect them to the access point via the host system, and check that they can talk to each other happily
- Run iperf in server mode on your server guest VM, and in client mode on the client, then be stunned at the variance of wifi signals with very little change in environmental conditions.
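As an added example (not the author's script, which the post leaves for a later instalment), here is one way to turn repeated client runs into a figure for that variance. It assumes iperf 2 and its `-y C` CSV report, where the ninth field is bits per second; the addresses and sample lines are constructed, and `run_client` is a hypothetical helper name.

```python
import csv
import statistics
import subprocess

# Constructed sample of `iperf -c <server> -y C` reports (not results from the post).
# Fields: time, src ip, src port, dst ip, dst port, id, interval, bytes, bits/sec
SAMPLE = """\
20240101010000,192.168.8.101,50001,192.168.8.100,5001,3,0.0-10.0,25000000,20000000
20240101010015,192.168.8.101,50002,192.168.8.100,5001,3,0.0-10.1,15150000,12000000
20240101010030,192.168.8.101,50003,192.168.8.100,5001,3,0.0-10.0,35000000,28000000
"""

def parse_mbps(report):
    """Return the throughput in Mbit/s of every CSV report line found."""
    rates = []
    for row in csv.reader(report.splitlines()):
        if len(row) < 9:
            continue  # blank line, error message or truncated row
        try:
            rates.append(int(row[8]) / 1e6)
        except ValueError:
            continue  # ninth field was not a number
    return rates

def summarise(rates):
    """Summarise a set of runs; cv_pct is the stdev as a percentage of the mean."""
    if not rates:
        return {"runs": 0}
    mean = statistics.mean(rates)
    spread = statistics.stdev(rates) if len(rates) > 1 else 0.0
    return {"runs": len(rates), "mean": mean, "stdev": spread,
            "min": min(rates), "max": max(rates),
            "cv_pct": 100 * spread / mean if mean else 0.0}

def run_client(server, runs=10, seconds=10):
    """Run the iperf client `runs` times against `server`, one CSV line per run."""
    rates = []
    for _ in range(runs):
        out = subprocess.run(
            ["iperf", "-c", server, "-t", str(seconds), "-y", "C"],
            capture_output=True, text=True, timeout=seconds + 30)
        rates.extend(parse_mbps(out.stdout))  # a failed run adds nothing
    return rates

if __name__ == "__main__":
    # Offline demo on the constructed sample; in the lab, call
    # summarise(run_client("<server guest address>")) on the client VM.
    print(summarise(parse_mbps(SAMPLE)))
```

Comparing `runs` with the number requested shows how many attempts failed outright, which is worth recording alongside the throughput figures.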
So now it’s running through the first set of tests, followed by a reconfiguration of the access point, and repeat. Next step once that’s all done is to play around with scripting until I can just give it a specification to test out for a while, and leave it running (I’m curious about things like different key lengths, window sizes, and so on and whether they’ll have an impact). I’ll put the script together and run through it next time, and after that will take a look at various methods for intercepting, cracking and spoofing wireless networks, by extending the lab capabilities.