Showing posts with label IOS. Show all posts
Showing posts with label IOS. Show all posts

Thursday, April 9, 2015

Wireless Packet Capture on an IOS Device

Normally when you have a network problem with a wireless device you would fire up Wireshark and take a packet capture. On a Mac you can even capture in "Monitor" mode and look at the 802.11 management frames.

But on an IOS device there isn't an App for that! Luckily Apple does provide a way to capture wireless network traffic from an IOS device. This Apple KB will explain how to do wireless packet capture on an IOS device: Getting a Packet Trace

The document is aimed at developers and has a lot of information that a network engineer isn’t interested in. Here is an easy to follow summary of the steps needed to do the capture.

Determine the UDID of the IOS device

To find the the UDID - Connect the IOS device to a Macbook, Click the Apple Icon on the top left, select “About this Mac, click System report. When it opens click on USB on the left. The UDID will be listed as Serial Number. In this case 6bbed03e410f0523d88a50664060b34ad07fe3b9

Start the Remote Interface on the IOS Device

Now that we an IOS device and UDID we can start the remote interface on the Device. With the IOS device still connected to the Mac, open a terminal window and enter:

$ rvictl -s 6bbed03e410f0523d88a50664060b34ad07fe3b9

Starting device 6bbed03e410f0523d88a50664060b34ad07fe3b9 [SUCCEEDED]

Use ifconfig to view the Interface:

$ ifconfig -l
lo0 gif0 stf0 en0 en1 p2p0 fw0 ppp0 utun0 rvi0

If you are using Wireshark select rvi0 as the capture interface.

Using TCPDUMP to capture the traffic

You can use Wireshark to capture and display the traffic. If you just need to capture traffic for later analysis you can use tcpdump which is built into the Mac:

sudo tcpdump -i rvi0 -w iPhone.pcap

To stop the capture CTRL+C.

IOS7 and greater breaks wireshark but here is a work around

The Wireshark forum has a thread - Mavericks cannot capture from iPhone using rvi

From the thread:
As others mentioned, the workaround is to enable the DLT_USER protocol
#149 in Wireshark.
From my experience the actual header and protocol is different depending
wether your device is connected using wifi or radio:

* when connected with radio (3G): set header length to 112, and protocol
to ip
* when connected with wifi: set header length to 108, and protocol to eth

This is just to confirm that the above approach (set header length to 108,
and protocol to eth) works for me. I can capture live and see all the info
about my SIP packets during capture.

Resources

Enterprise Best Practices for Apple Mobile Devices on Cisco Wireless LANs

Posted by at No comments:
Labels: , , , ,

Monday, January 12, 2015

IOS App to Scan WiFi Networks

IOS doesn't allow developers to directly access hardware so there aren't many low level network applications for IOS. But it turns out that even if you don't own an Apple Airport WiFi router you can use the Apple Airport utility to scan for wireless networks.

You will see the AP's MAC, the RSSI and the channel it is using. It's not as good as inSSIDer or WiFi analyzer on Android but it's free and a lot better than nothing.

Installation
Open the App Store on you iPhone or iPad and search for "Airport Utility". Tap "Get" and then "Install". When the app finishes installing Tap Open.



Once the app opens Tap "Wi-Fi Scan" at the top right. When the scanner opens Tap "Scan" on the top right. After a few seconds it will start displaying networks that it has found.












Posted by at 10 comments:
Labels: , , ,

Sunday, January 11, 2015

PathTest for IOS

Why use PathTest
PathTest is available for both iPhone and iPad. It's a universal app so there is a different app for each device. They both work the same but the iPad app is a little more appealing due to the larger screen.

I keep PathTest running on a server in the data center. Whenever a user has an application problem they can quickly verify if the wireless is working correctly using PathTest. It's much better than sending a user to Speedtest.net with all of the ads they have now.

You can also run a baseline when the network is deployed and then occasionally check performance. I ran it in an empty classroom and then with 36 students with iPads in the classroom. It was interesting to see the impact of 36 devices sending beacons.

It's a good tool for verifying changes to your wireless network since you don't have to go out to the public Internet to verify the throughput. Appneta does provide several public servers for your use so you can test your ISP's performance.

Installing PathTest for IOS
On your IOS device, open the App Store and search for pathtest. You will see the icon on the right. Tap Get, when the icon changes Tap INSTALL

To run a test on IOS:
Click the + sign in the upper left corner
Tap either Data Test or Voice Test
Next to Target tap “touch to change”
You can select one of Appneta’s servers or tap the + sign and add one of your devices.


Select the type of test - UDP, TCP, ICMP
Depending on the type of test you select you will be able to set various options


When the test finishes you can email the results. It sends a PDF with complete data from the test




Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)