CEH Lab Manual Hacking Wireless Networks Module 15 Module 15 - Hacking Wireless Networks Hacking Wireless Networks I Vi-Fi is developed on IE E E 802.11 standa ids and is widely used in wireless communication I t provides wireless access to applications and data across a radio network I CON KEY [£Z7 Valuable information Test roui knowledge = Web exercise m Workbook review Lab Scenario Wireless network teclinology is becoming increasingly popular but, at the same tune, it has many security issues A wireless local area network (WLAN) allows workers to access digital resources without being tediered to their desks However, the convenience o f WLANs also introduces security concerns that not exist in a wired world Connecting to a network no longer requires an Ethernet cable Instead, data packets are airborne and available to anyone widi ability to intercept and decode them Several reports have explained weaknesses 111 the Wired Equivalent Pnvacy (WEP) algorithm by 802.1 lx standard to encrvpt wireless data To be an expert ethical hacker and penetration tester, you must have sound knowledge o f wireless concepts, wireless encryption, and their related threats As a security administrator o f your company, you must protect the wireless network from hacking Lab Objectives The objective o f this lab is to protect the wireless network from attackers 111 this lab, you will learn how to: ■ Crack W EP using various tools ■ Capture network traffic ■ Analyze and detect wireless traffic Lab Environment C 7Tools dem onstrated in this lab are available in D:\CEHTools\CEHv8 Module 15 Hacking W ireless Networks C E H L ab M an u al P ag e 819 111 the lab you will need a web browser with an Internet connection ■ Tins lab requires AirPcap adapter installed on your machine for all labs Lab Duration Time: 30 Minutes Overview of W ireless Netw ork A wireless network refers to any type o f computer network that is w ireless and is commonly associated with a telecom m unications network whose interconnections between nodes are implemented without the use o f wires Wireless telecommunications networks are generally implemented with some type o f rem ote information transmission system that uses electrom agnetic w aves such as E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks radio waves for die carrier The implementation usually takes place at the physical level or layer o f die network ^ TASK Overview Lab Tasks Pick an organization diat you feel is worthy o f vour attention Tins could be an educational institution, a commercial company, 01‫ ־‬perhaps a nonprofit chanty Recommended labs to assist you m Wireless Networks: ■ W 1F Packet Sniffing Using AirPcap with Wireshark ■ Cracknig a \\”EP Network with Aircrack-ng for Windows ■ Sniffing die Network Using the OmniPeek Network Analyzer Lab Analysis Analyze and document the results related to the lab exercise Give your opinion 011 your target’s security posture and exposure PLEASE TALK TO C E H L ab M an u al Page 820 Y O U R I N S T R U C T O R IF YOU R E L A T E D T O T H I S LAB HAVE QUESTIONS E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks WiFi Packet Sniffing Using AirPcap with Wireshark The AirPcap adapter is a USB device that, when used in tangent with the AirPcap drivers and WinPcap libraries, allows a pen tester to monitor 02.11b/g traffic in monitor mode ■con key [£Z7 Valuable information y Test your knowledge — m Web exercise Workbook review Lab Scenario Wireless networks can be open to active and also passive attacks These types o f attacks include DoS, M11M, spoofing, jamming, war driving, network liijacking, packet sniffing, and many more Passive attacks that take place on wireless networks are common and are difficult to detect since die attacker usually just collects information Active attacks happen when a hacker has gathered information about the network after a successful passive attack Sniffing is die act o f monitoring die network traffic using legitimate network analysis tools Hackers can use monitoring tools, including AiroPeek, Ethereal, TCPDump, or Wireshark, to monitor die wireless networks These tools allow hackers to find an unprotected network diat they can hack Your wireless network can be protected against tins type o f attack by using strong encryption and authentication methods 111 tins lab we discuss the Wireshark tool, which can sniff the network using a wireless adapter Since you are the etlucal hacker and penetration tester o f an organization, you need to check the wireless security, exploit the flaws 111 W EP, and evaluate weaknesses present 111WEP for your organization Lab Objectives The objective o f tins lab is to help smdents learn and understand how to: ■ C E H L ab M an u al Page 821 Discover W EP packets E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Lab Environment £ Tools dem onstrated in this lab are available in D:\CEHTools\CEHv8 Module 15 Hacking W ireless Networks To execute the kb, you need: ■ Install AirPcap adapter dnvers; to install navigate to D:\CEH-Tools\CEHv8 Module 15 Hacking W ireless NetworksVAirPcap -Enabled Open Source tools, and double-click setup_airpcap_4_1_1.exe to install ■ When you are installing the AirPcap adapter drivers, 11 any installation error occurs, install die AirPcap adapter dnvers 111 compatibility mode (right-click the AirPcap adapter driver exe hie, select Properties‫ ^־‬Compatibility, 111 compatibility mode, and select Windows7) " Wireshark located at D:\CEH-Tools\CEHv8 Module 15 Hacking W ireless Networks\AirPcap -Enabled Open Source tools\wireshark-win641.4.4.exe ■ Run diis lab 111 Windows Server 2012 (host machine) ■ A 11 access point configured widi W EP on die host machine ■ This lab requires the AirPcap adapter installed on your machine If you don’t have this adapter, please not proceed with this lab ■ A standard AirPcap adapter widi its dnvers installed on your host machine ■ WinPcap libraries, Wireshark, and Cain & Abel installed on your host machine ■ Administrative privileges to run AirPcap and other tools Lab Duration Time: 15 Minutes Overview of WEP (Wired Equivalent Privacy) Several serious w ea k n e sses 111 the protocol have been identified by cryptanalysts with die result diat, today, a WEP connection can be easily cracked Once entered C E H L ab M anual Page 822 E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks onto a network, a skilled hacker can modify software, network settings, and other security settings Wired Equivalent Privacy (WEP) is a deprecated security algorithm for IEEE 802.11 wireless networks Lab Tasks Configure AirPcap Download AirPcap drivers Ironi the site and lollow die wizard-driven installation steps to install AirPcap drivers Launch the Start menu by hovering the mouse cursor on the lower-left corner o f the desktop ca You can download AirPcap drivers from http:// www.a1rdemon.net/ riverbed.html FIGURE 1.1: Windows Server 2012—Desktop view m Tlie AirPcap adapters can work in monitor mode In tliis mode, the AirPcap adapter captures all of the frames that are transferred on a channel, not just frames that are addressed to it FIGURE 1.2: Windows Server 2012—Apps C E H L ab M an u al Page 823 Click the AirPcap Control Panel app to open the AirPcap Control Panel window The AirPcap Control Panel window appears E th ica l H a ck in g an d C o untenneasures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks AirPcap Control Panel Settings Keys Interface AirPcap USB wireless capture adapter nr 00 c a Tlie Multi-Channel Aggregator can be configured like any real AirPcap device, and therefore can have its own decryption, FCS checking and packet filtering settings Transmit: yes Model: AirPcap Nx Blink Led V Media: 802.11 a/b/g/n Basic Configuration Channel 2437 MHz [BG 6] @ Include 802.11 FCS in Frames Extension Channel Capture Type 802.11 + Radio v FCS Filter All Frames Help Reset Configuration Ok Apply Cancel FIGURE 1.3: AirPcap Control Panel window On tlie Settings tab, click die Interface drop-down list and select AirPcap USB w ireless capture adapter 111 the Basic Configuration section, select suitable Channel, Capture Type, and FCS Filter and check the Include 802.11 FCS in Frames check box _ AirPcap Control Panel * Settings ‫ם‬ Keys Interface AirPcap USB wireless capture adapter nr 00 Q=& In Basic Configuration bos settings: Channel: The channels available in the Channel list box depend upon the selected adapter Since channel numbers 14 in the 2.4GHz and 5GHz bands overlap and there are center frequencies (channels) that not have channel numbers., Each available channel is given by its center frequency Model: AirPcap Nx Transmit: yes Blink Led V Media: 802.11 a/b/g/n Basic Configuration Channel ✓]Include802.11 FCS inFrames 2412 MHz [BG 1] Extension Channel Capture Type 802.11 Only v v FCS Filter All Frames Help Reset Configuration Ok Apply Cancel FIGURE 1.4: AirPcap Control Panel window C E H L ab M anual Page 824 N ow , click die K eys tab Check die Enable WEP Decryption check box Tins enables die WEP decryption algoridnn You can Add N ew Key, R em ove Key, Edit Key, and Move Key UP and Down E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks After configuring settings and keys, click OK AirPcap Control Panel * Settings Keys W EP Configuration In Basic Configuration Settings: Extension Channel: For 802.1 In adapters, one can use the Extension Channel list to create a “wide” channel The choices are -1 (the preceding 20MHz frequency band), (no extension channel), or + (the succeeding 20MHz frequency band) The channel of the additional frequency band is called die extension channel [ E n a b le W EP Decryption Keys Add New Key Remove Key Edit Key Move Key Up Move Key Down Help Ok Reset Configuration Cancel Apply FIGURE 1.5: AirPcap Control Panel window D TASK Launch Wireshark Network Analyzer The Wireshark main window appears Capturing the packets l‫׳‬U The Wireshark Network Analyzer [Wireshark 1.8.2 (SVN Rev 44520 from /trunk-1.8)] file £dit View £0 Capture Analyze Statistics Telephony I j W t f M t M B B K S A I * * Filter Iools Internals ‫►י‬m T ± | v | Expression [ B p ] ^ ^ 01 Clear E l “ ! x ‫'־‬ Help Apply yt m Save T he W o rld 's M o s t P o p u lar N e tw o rk P rotocol A n a lyze r Version 1.8.2 (SVN Rev 44520 from /tru n k - 1.8) W I R E S H A R K ,, In te rfa c e List O p en Open a t>‫־‬ev*ousV captured fie ft Open Recent: m You can download Wireshark from http: / /www.wireshark.org User's G uide M start Th« User's Guid« (local version, if instaied Choose one or more nterfaces to capture from, then Start ^ S a m p le C aptures S ecurity A rich assortment of example capare files on th* wiki " t" AirPcap US8 wireless capture adapter nr 00: \\.\ai A Work with Wireshark as secu!*ty as posstte f f ] \Devke\NPF_{0A6DAE573‫־‬C 5C 4‫־‬CFE9‫־‬F4E‫־‬E8E8J s J Microsoft Corporation: \Device\MPFJ82C13C97■‘' £ ‫|־י‬ ^ o r u r.oc c ^ k r W e b s ite Visit the project's website \ md c ' v I C a p tu re O ptions Start a capture with elcutfed opoons IE Ready to load or capture Profile: Default FIGURE 1.6: Wireshark Network Analyzer main window C E H L ab M an u al Page 825 E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Hie following are some of die many features Wireshark provides available for UNIX and Windows * Capture live packet data from a network interface Configure AirPcap as ail interface to \ \ ark Select Capture -> Interface (Ctrl +l) You can also click die icon on die toolbar I- ‫ ז□ן‬x (/TjThe Wireshark Network Analyzer [Wireshark 1.8.2 (SVN Rev 44520 from /trunk-1 i File l i Edit ^ View Go | Capture | Analyze K i t Statistics Telephony Jools internals Help ? & [W P I 61 I B interfaces W Options Jv €1 D I* ® ^ Expression Clear Apply Save ■ Display packets with very detailed protocol information ‫ י‬Open and Save packet data captured In te rfa c e List ■ Import and Export packet data from and to a lot of other capture programs b VWt the project's websne Open Recent: User's G u id e e interfaces to capture from, then Start ^ The User $ Guide (local verson, if mstaied', S a m p le Captures A rich assortmert of example capture files on tKe wild Work with Wireshark as securely as poss4>te ® \Device\NPFJ0A6OAE57-3C5C4‫־‬CFE9‫־‬F4E‫־‬E8E83: = Microsoft Corporation: \Devke\NPFJ82C18C97-'J® OT Po.Hair p r io c pc c3>«;r, r~r*,^11c- \ * Search for packets on many criteria mpc — C a p tu re O p tio n s Start a capture *ith detailed options ■ Colorize packet display based on filters ■ Create various statistics W e b s ite a S ta rt ‫ י י ךי‬AirPcap USB wireless capture adapter nr 00: \\.\ai ^ ■ Filter packets on many criteria 0pen Open a previously captured f*e Ready to load or capture Profile: Default FIGURE 1.7: Wireshark Network A11aly2 er widi interface option 10 The Wireshark: Capture Interfaces window appears By default, die AirPcap adapter is not 111 running mode Select die Airpcap USB w ireless capture adapter nr 00 check box Click Start Wireshark: Capture Interfaces Description IP 10 | ,,t" AirPcap USB wireless capture adapter nr 00 □ PI f f Note: Wireshark isn't an intrusion detection system It does not warn you when someone does tilings on your network that he/ she isn't allowed to However, if strange things happen, Wireshark might help you figure out what is really going on C E H L ab M anual Page 826 Microsoft Corporation ] Iff Realtek PCIe GBE Family Controller Help Start Packets Packets/s none 2154 15 Details none 0 Details fe80::3d78:efc3:c874:6f57 375 Details none 375 Details Stop Options Close FIGURE 1.8: Wireshark Capture Interface 11 Automatically, die Capturing from AirPcap USB w ire less capture adaptor nr 00 - Wireshark window appears, and it starts capUiring packets from AirPcap Adapter E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Module 15 - Hacking Wireless Networks [/T| Capturing from Ai-Pcap USB wireless capture adapter nr 00: \\.\airpcap00 File Edit View 60 Capture Analyze Statistics Telephony Tools internals ‫ו‬ ‫ם‬ mm Save nfo B ea co n f m e , s n ‫ ־‬, f n ‫ ־‬o , F la g s ‫־‬ Beacon f m e , s n ‫ ־‬, f n 1 ‫ ־‬, F la g s ‫־‬ B ea co n f m e , s n ‫ ־‬, F N ‫ ־‬, F la g s ‫־‬ Beacon f m e , s n ^4027, f n ^O, F la g s ^ D e a u t h e n t ic a t io n , s n -1 , f n - , F la g s • B ea co n f m e , s n - , f n - , F l a g s B ea co n f m e , SN -4029, F N -0 , F l a g s B ea co n fra m e , SN -4030, F N -0 , F l a g s B ea co n fra m e , SN -4031, F N -0 , F l a g s Beacon f m e , SN -4032, F N -0 , F l a g s B ea co n fra m e , S N -2 , FN=0, F l a g s Beacon f m e , S N ‫ ־‬, F N ‫ ־‬, F la g s ‫־‬ Beacon f m e , s n 3 ‫ ־‬, f n ‫ ־‬, F la g s ‫־‬ Beacon f m e , £N=26S, FN=0, F la g s ‫־‬ 1 B lo c k A c k , F la g s ‫ ־‬opm.RMFT Beacon f m e , s n 4 ‫ ־‬, f n ‫ ־‬, F la g s ‫־‬ B ea co n f m e , S N 6 ‫ ־‬, F N ‫ ־‬, F la g s ‫־‬ Shift■*■Right 3247 b y te s c a p tu re d (25976 b i t s ) on i n t e r f a c e F la g s : s F T Ctrl* Right Ctrl■*■Left Colorize Conversation 0000 0: 100 0010 : 100 0020 ; Protocol Length 164 St 802 11 e : f 6b 18 802 11 109 164 St 802 11 164 St 802 11 n_ f2 45 0c 802 11 30 104 St 802 11 ► 164 St 802 11 ►St 164 802 11 164 St 802 11 164 St 802 11 802 11 322 St 802 11 109 Ctrl■*■■*■ S t 164 St 802 11 Ctrl■*■‫־‬ St 802 11 322 Ctr1+ = f e 27 (8 02 11 3707 164 St 802 11 Shift■*■Ctrl+R St 802 11 322 ► o Q Normal Size ax Expression Gear Apply Coloring Rules Show Packet in New Window ► Ctrl■*■Space f e 71 b2 52 87 5d 93 8d 44 fa 68 5e fl 3d 16 c7 _ I T H e q A k ] c ( t z i u a _ rd = / M n [ Z .b 9]h Ctrl+R )isplayed: 7211 Marked: Profile: Default FIGURE 1.10: Wireshark Network Analyzer window with interface option C E H L ab M an u al Page 827 E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Questions Evaluate and determine the number o f wireless cards supported by die wireless scanner Analyze and evaluate how AirPcap adapters operate Internet Connection Required Yes No P latform S upported C lassroom C E H L ab M an u al Page 831 □ !Labs E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Lab Cracking a WEP Network with Aircrack-ng for Windows Aircrack-ng is an 802.11 W E P and W PA-PSK keys cracking program that recovers keys once enough data packets have been captured It implements the standard FA IS attack along with some optimisations like KoreK attacks, as )),ell as the all-new P T \V attack, thus making the attack much faster compared to other W E P cracking tools I CON KEY '/ Valuable information >> Test your knowledge — Web exercise c a Workbook review Lab Scenario Network administrators can take steps to help protect their wireless network from outside tlireats and attacks Most hackers will post details o f any loops or exploits online, and if they find a security hole, they will come 111 droves to test your wireless network with it W EP is used for wireless networks Always change your SSID from the default, before you actually connect the wireless router for the access point If an SSID broadcast is not disabled on an access point, die use o f a DH CP server to automatically assign IP address to wireless clients should not be used because war dnving tools can easily detect your internal IP addressing it the SSID broadcasts are enabled and the DH CP is being used As an etlucal hacker and penetration tester o f an organization, your IT director will assign you the task o f testing wireless security, exploiting the flaws in \\”EP, and cracking the keys present 111 W EP o f an organization 111 tliis k b we discuss how WPA key are cracked using standard attacks such as korek attacks and PTW attacks & Tools dem onstrated in this lab are available on D:\CEHTools\CEHv8 Module 15 Hacking W ireless Networks C E H L ab M an u al Page 832 Lab Objectives The objective o f tins lab is to protect wireless network from attackers 111 tins lab, vou will learn how to: ■ Crack W EP using various tools ■ CapUire network traffic ■ Analyze and detect wireless traffic E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Lab Environment To execute the kb, you need: m Visit Backtrack home site http://w\v\v.backtrackIi1u1x.org for a complete list of compatible Wi-Fi adapters ■ Aircrack-ng located at D:\CEH-Tools\CEHv8 Module 15 Hacking W ireless Networks'!WEP-WPA Cracking Tools\Aircrack-ng\bin ■ Tins tool requires Administrative pnvileges to ran ■ A client connected to a wireless access point ■ This lab requires AirPcap adapter installed on your machine If you don’t have this adapter please not proceed with the lab Lab Duration Time: 20 Minutes Overview of Aircrack-ng m Airplay filter options: -b bssid: MAC address, access point TASK Cracking a WEP Network A wireless network refers to any type o f computer network that is w ireless, and is com m only associated with a telecom m u n ication s network w hose in tercon n ection s between n od es are implemented without the use o f wires Wireless telecommunications networks are generally implemented with some type o f rem ote information transmission system that uses electrom agn etic w a v es, such as radio waves, for the carrier, and this implementation usually takes place at the physical level or layer o f the network Lab Task Launch Aircrack-ng GUI from D:\CEH-Tools\CEHv8 Module 15 Hacking W ireless Networks\AirPcap -Enabled Open Source tools\aircrack-ng-0.9airpcapbin by double-clicking Aircrack-ng GUI.exe Click the Airdump-ng tab ‫ט‬ To start wlanO in monitor mode type: airmon-ng start wlanO m To stop wlanO type: airmon-ng stop wlanO FIGURE 2.1: Airodump-ng window C E H L ab M an u al Page 833 E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks Click Launch This will show the airodump window airodump-ng 0.9 — ‫ם‬ x airodump-ng 0.9 — 2006 Thomas d'Otreppe Original work: Christophe Devine m To confirm that die card is in monitor mode, run the command “iwconfig” You can then confirm the mode is “monitor” and the interface name usage: airodump-ng [ivs only flag] Known network adapters: AirPcap USB wireless capture adapter nr 00 Network interface index number -> FIGURE 2.2: Airodump-ng selecting adapter window Type the Airpcap adapter index number as and select all channels by typing 11 Press Enter airodump-ng 0.9 tewJ Aircrack-ng option: b bssid Long version — bssid Select the target network based on the access point's MAC address airodump-ng 0.9 - 2006 Thomas d'Otreppe Original work: Christophe Devine usage: airodump-ng Cius only flag] Known network adapters: AirPcap USB wireless capture adapter nr 00 Network interface index number Channel: to 14 = all -> -> 11 (note: if you specify the sane output prefix, airodump will resume the capture session by appending data to the existing capture file) Output filename pref ix m For cracking WPA/WPA2 pre-shared keys, only a dictionary method is used SSE2 support is included to dramatically speed up WPA/WPA2 key processing FIGURE 2.3: Airodump-ng selecting adapter window C E H L ab M anual Page 834 -> It will prompt you for a file name Enter Capture and press Enter E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks ‫כ‬ airodump-ng 0.9 I~ I airodump-ng 0.9 - 2006 Thomas d'Otreppe Original work: Christophe Devine m Aircrack-ng completes determining die key; it is presented to you in hexadecimal format such as KEY FOUND! [BF:53:9E:DB:37], usage: airodump-ng Civs only flag] Known network adapters: AirPcap USB wireless capture adapter nr 00 Network interface index number ChanneKs): to 14, - all -> 11 |capture | at Example#, pkt C.XProgrwn Filta (x8€)IWIdPac*at*Y0‫וזד‬P**l D«no\*anplM\APA.pkt Summary SSD ‫ ־‬BlackSlate Kay - 123«5€785D I o tion Summary SSD ‫ ־‬BlickSlit* PS< = widpackatt Documentation Resource* ►(flWWPWWT* ►\Aowr fra Cerwj Staled Godo ►Vtevr DrUtf HUMBON nitruCtOI* ►-i»ae me L** Services ►vfevr :ech ‫ י‬ca 1euosort reaou•ce3 f 9r WildPacket3 producia G2D « ^ ‫ יכ‬13‫ ג‬WMFBCttts :ecfncaisuooort EZD DrmPe3< Sjppcrted harcv/3rs L 'iiil ► ►wlcPa;«t8 Academy L iU ►fine caac:ut 1•‫״‬cP3:tets oorsuitns Q D ►l'vP6e< ‫ס ט‬ i [F d‫ ־‬ic p, press FI I J } here _ rj FIGURE 3.1: Omnipeek main window Select WEP.pkt C E H L ab M anual Page 841 E th ica l H a ck in g an d C ounterm easures Copyright © by EC-Council All Rights Reserved Reproduction is Stricdy Prohibited Module 15 - Hacking Wireless Networks P F I Edit v *w ^ • t! • m C *x‫ ״‬e Send fe: a a j Monitor Tool! Window Help a t, * * B i ^i t a ♦ W lld P kt ! ‫׳‬S ^ n lP e e k ‫בש‬ E ^ © ^ , :o E Start Fac« x ‫׳‬ 5‫ י‬O Jd d4 (‫־‬ WildPackets OmniPeek Sample Files PasK.e! bampies cM Sancte Re wch a variety of wired traffic ‫־‬£