tep 1. Obtain a wireless protocol analyzer, such as WireShark (which is freely available) or other analyzers described in Chapter 14, Test Tools. Step 2. Identify wireless applications to test. Choose applications that you or your organization use from wireless client devices, such as logging in to online accounts, sending and receiving e-mail, or processing credit cards, so that you can get a good idea of what a hacker can see while passively monitoring your wireless network. Step 3. Configure the analyzer to record 802.11 frame transmissions on only the radio frequency (RF) channel of your WLAN. This helps reduce extraneous frames that the analyzer displays by filtering out frames from other channels. With fewer frames, you will be able to more easily pinpoint the 802.11 data frames applicable to your applications. Step 4. For initial tests, turn off encryption (such as WPA); of course, you might only want to do this on a test network, separate from the operational network. Now the WLAN will not encrypt 802.11 data frame contents, which includes the information associated with the application that you are testing. This will give you an idea of what the WLAN exposes to potential hackers if you are not implementing encryption. Step 5. While using each application you chose to test, record a packet trace with the protocol analyzer. View the recorded packet trace and look at the frame body of the 802.11 data frames pertaining to the application you are testing. To narrow down the search, try applying a filter on the packet trace corresponding to only 802.11 data frames associated with the wireless client device you are using the application from. What sensitive information, such as the users username and password when logging into an online bank account, are you able to find? If you are testing an e-mail application, can you interpret the contents of e-mails being sent or received via the wireless client device?