Q

Is there a way to identify active users on a wireless network?

Is there a way to identify active users on a wireless network? I'm currently using a D-Link broadband router with 802.11b wireless-b 2.4 GHz cards on Windows XP Professional. I can't tell if my own users are online, not to mention outsiders.
There are three ways you can tell which users are actively associated and sending traffic through your wireless LAN: listen to wireless traffic, look at the access point, or listen to wired traffic on the far side of the access point.
  1. In your case, the easiest method is to look at your D-Link's list by opening the router's GUI, clicking on the Status tab, then clicking on the Wireless button. This displays all currently-connected wireless clients, identified by MAC address. That's all there is to it.
  2. If your router did not provide client status, you could capture wireless traffic to identify stations transmitting in your vicinity -- in fact, most WLAN analyzers provide a quick list of stations, sorted by access point and network name (SSID). However, the "RF monitoring" drivers required to hear non-broadcast traffic from other stations are not readily-available for Windows. As a result, you can use a free analyzer like Ethereal to see only broadcast traffic from other WLAN stations (e.g., DHCP and ARP requests). Or you could use a trial version of a commercial analyzer like WildPackets AiroPeek to capture short-but-complete traffic samples. For a list of free and commercial WLAN analyzers for Windows and other OS's, see this ISP-Planet series.
  3. It's also useful to listen to traffic on the wired side of the AP. This tells you more than which wireless stations are nearby or trying to connect to your AP -- it tells you those that are actually using your network. However, in your case, this method makes little sense: your D-Link router is (probably) using network address translation to convert the source IP address of every sent packet to the public IP address of your router's WAN interface. If you captured traffic with an Ethernet LAN analyzer (like Ethereal), you'd have to really examine data payload to try to figure out which packets came from which users -- for example, by looking for email logins sent to POP servers, or "From" addresses in mail sent to SMTP servers.
This was first published in February 2005

Dig deeper on Mobile Basics

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchConsumerization

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close