802.11-based Wi-Fi is the leading communication mode in homes, public areas, offices, and in industrial sites
In 2017 and beyond, analysts, agencies, and security experts are all in agreement that threats to public safety, critical infrastructure, and data will rapidly escalate. The widespread proliferation of IoT and other wireless devices create enormous numbers of vectors and entry points for malicious activities including keylogging, malware, DDoS, IP spoofing, man-in-the middle (MiTM), and other attacks.
As criminals become more sophisticated in their means and methods, agencies and law enforcement face even greater challenges protecting lives and property. What’s needed is a specialized tool to add to the law enforcement and IT arsenal, one that provides a way to wirelessly collect and inject data into Wi-Fi-based traffic. Such a tool, a Wi-Fi sniffer/injector would enable agencies and IT to become their own MiTM.
A Wi-Fi sniffer is a device that passively listens and records information exchanged in a targeted Wi-Fi channel. A Wi-Fi injector actively transmits data into a Wi-Fi channel, then records and analyzes the response. Intelligraphics provides a mobile Wi-Fi device driver for TI WiLink™ and select Qualcomm® chipsets that enables customers to create a solution stack for a truly portable, mobile wireless sniffer/injector. It features a single Wi-Fi driver that can either act as a Wi-Fi sniffer/injector, or as a regular Wi-Fi driver.
BloodHound Sniffer/Injector Key Benefits
- Achieve precise control and monitoring of Wi-Fi networks.
- Meet organizational performance and security requirements.
- Remote wireless monitoring reduces risk of being noticed or compromised.
- Do more with less by targeting and proactively surveilling Wi-Fi communications in real-time.
- Gain proactive intelligence and improved situational awareness.
- More effectively identify and evaluate threats, improve public safety, and protect critical infrastructure.
- Multi Wi-Fi module/adapter support enables sniffing/injection on multiple channels
BloodHound Sniffer/Injector Key Features
► Support for filtering at type
- Management frames
- Data frames
- Control frames
► Support for filtering at subtype
- PS Polling
- HT DATA
► Infrastructure specific metadata on a per packet basis
- Channel/Frequency info
- Length of underlying MAC frame
- RSSI (Signal Strength)
- Time Stamp
- Data Rate
► Availability of unprocessed frames with errors
- PHY Errors
- CRC errors
► Ability to decode encrypted frames Intermediate buffering driver
- Intermediate buffering driver to improve performance
- Buffering driver optimizes the bottleneck in processing between the Wi-Fi sniffer driver and the user application.
► API Interface for application development
- Provides a well defined API that is used to control the sniffer
- Easy for application developers to interface their application to the sniffer.
► Support for multiple platforms
- Torpedo DM3730 reference design
- Panda OMAP 4430 reference design
- OMAP4 Blaze platform 4430
- Commercial LG Thrill 3d smart phone
- Motorola Razer Maxx
- BeagleBone Black
- Easily ported to other platforms on a customer driven basis
► Support for injection, zero back-off
- Full 802.11 packet content controllable by user including RateLengthType of packetDuration
- Option to follow CSMA/CA protocol for injection
- Overriding of CSMA/CA or back-off protocol for injection
- Zero back-off injection
► Type of solutions
- Driver + firmware combo Sniffer
- Firmware only sniffer solution (Can be usedin devices where driver for wireless chipset is not modifiable)