Last month I used NetStumbler under Windows to search for wireless access points in my travels. This month I gave a Linux-based alternative a spin.
I invoked AirTraf from the command line on an IBM ThinkPad T22 running Mandrake Linux 9.1, with a Xircom CWE1100 CreditCard Wireless Ethernet adapter. In order to run, AirTraf needs a window at least 120 characters wide and 45 characters high, so I had to adjust the Konsole window settings and specify a custom size.
When you start the program, AirTraf enters monitor mode, in which AirTraf controls the card entirely, meaning you can’t surf the Web or chat on IRC in another window. It first scans the 14 available Wi-Fi channels looking for access points. If it finds any, you can choose one for detailed analysis.
AirTraf’s real-time reporting shows MAC, network, and transport-layer statistics, broken down into incoming, outgoing, and total packets and bytes passing through the selected access point. It can also analyze TCP performance for other wireless nodes it detects. You can capture traffic to a disk file and replay it, viewing the results in the performance monitor screens.
AirTraf is a 1.0 product, so it lacks some features it might someday grow. (For comparison, see AiroPeek NX, a commercial wireless protocol analyzer, first released about a year before AirTraf, that runs under Windows.) Welcome enhancements would include application-layer protocol decoding and WEP key decoding.
Still, AirTraf has broader network adapter support than NetStumbler, and it’s a free download running under the GNU license.
It’s a handy tool to take on the road when you’re going wireless.
