Use the USB-KW41 + Wireshark for Thread Sniffing

Document created by aleguzman Employee on Jun 30, 2017Last modified by aleguzman Employee on Aug 3, 2017
Version 3Show Document
  • View in full screen mode

802.15.4 wireless sniffers like the USB-KW41Z are capable of capturing over-the-air traffic. The captured packets are passed to a network protocol decoder like Wireshark over a network interface tunnel built by the Kinetis Protocol Analyzer.

 

Hardware 
One USB-KW41Z preloaded with sniffer firmware ( instructions found at www.nxp.com/usb-kw41z

 

Software Download & Install

Thread Wireshark from wireshark.org which is an open-source network protocol analyzer capable of debugging over the air communication between Thread devices.

Kinetis Protocol Analyzer is a software that provides a bridge between the USB-KW41 and Wireshark. 

 

Wireshark Configuration 

  1. Open Wireshark from the Program Files
  2. Click Edit and select Preferences 
    Preferences Wireshark
  3. Click Protocols to expand a list of protocols
    Protocols Wireshark
  4. Select IEEE 802.15.4, click the Decryption Keys Edit... button
  5. Create a new key entry by pressing the plus button, then set the following values and click OK 
         Decryption key = 00112233445566778899aabbccddeeff
         Decryption key index = 1
         Key hash = Thread hash
  6. Find CoAP and configure it with CoAP UDP port number = 5683
  7. Click Thread and select Decode CoAP for Thread  with Thread sequence counter = 00000000 as shown below
  8. At the 6LoWPAN preferences, add the Context 0 value of fd00:0db8::/64
  9. Click OK and close Wireshark

 

Configure Kinetis Protocol Analyzer 

  1. Connect the USB-KW41Z to one of the USB ports on your computer
  2. Open the device manager and look for the device connected port
    Device Manager
  3. Open the "Kinetis Protocol Analyzer Adapter" program
  4. Make sure, you have a USB-KW41Z connected to your PC when opening the program because the Kinetis Protocol Adapter will start looking for kinetis sniffer hardware. Once the USB-KW41Z is detected, the previously identify COM port will be displayed
  5. Select the desired IEEE 802.15.4 channel to scan in the Kinetis Protocol Analyzer window. This guide selects channel 12 as an example 
  6. Click on the Wireshark icon to open Wireshark Network Protocol Analyzer

    An error may appear while opening Wireshark, click OK and continue

 

Wireshark Sniffing

  1. Wireshark Network Analyzer will be opened. On the "Capture" option of the main window, select the Local Area Connection that was created by the Kinetis Protocol Analyzer, in this example, Kinetis Protocol Analyzer created "Local Area Connection 2", then click "Start" button.
  2. USB-KW41Z will start to sniff and upcoming data will be displayed in the "Capture" window of the Wireshark Network Protocol Analyzer.
1 person found this helpful

Attachments

    Outcomes