Tool Usage

While implementing the algorithms outlined in the chapter 4, three important tools were created, duration-print-generator, duration-print-matcher, and duration-print-grader. This section gives an example of using these tools, as well as how they work. duration-print-generator simply takes in an input pcap and a MAC address, computes all the values outlined in the previous chapters, and writes them out to disk (a .prnt file) duration-print-matcher takes an input pcap, MAC address to fingerprint, and a set of previously computed prints (the print database). It then computes the print for the input pcap and finds the closest match. The following table shows the output of an example duration-print-matcher run. In this case duration-print-matcher is attempting to determine what implementation best maps to the card with the MAC address 00:0a:95:f3:2f:ab in the 5-1-lexie.pcap, against all of the saved prints in the print-db/lexie directory. The filename 5-1-lexie indicates that this pcap is the first sample from implementation-id 5. duration-print-matcher mis-identifies this pcap, as the correct implementation is not at the top of the list.

preform ./duration-print-matcher -a 00:0A:95:F3:2F:AB -p ./print-db/lexie/pcaps/5-1-lexie.pcap -P ./print-db/lexie/

Table C.1: Sample output from duration-print-matcher

$\begin{table} \begin{center} \begin{tabular}{\vert l\vert l\vert l\vert l\ver... ...m2.5 &smc2532w.sys\\ \hline \par \end{tabular} \end{center} \end{table}% WIDTH=600 HEIGHT=208$

Subsections

Duration-Print-Grader

Next: Duration-Print-Grader Up: Fingerprinting 802.11 Implementations via Previous: PCAP Creation for Duration Contents