Monday, August 3, 2015

Wireless 802.11 Basic Points

  • Wireless Timeline

  • Sequence Number (12 bit)
    • Sequence numbers are not assigned to control frames, as the Sequence Control field is not present. 
    • Sequence number does not differentiate between data & management frames.
    • AP maintains sequence number per client for unicast packets.
    • Common counter for all broadcast / multicast packets across all VAPs [irrespective of whether its data frame or management frame]. Check sequence number of Beacon frames of different VAPs but on same device. 
  • CCMP PN Number
    • Valid only for data frames as they are the one which are encrypted.
    • For uni-cast packets, PN number per client is maintained.
    • Common number for broadcast packets for all clients.
    • Tracked as CCMP Ext. Initialization vector
  • Decryption using wireshark
    • Support WPA/WPA2 Personal
    • Generate PSK from SSID & Pass-phrase using this tool
    • Install keys in Edit->Preferences->Protocols->IEEE80211
    • For decryption, traffic must have 4 way handshake procedure. 
  • 11a rates start from 6 Mbps and hence, even beacon in 5 GHz goes out @ 6 Mbps.
  • Its the Association request which contains the connection parameters not the association response.
  • Broadcast packets from clients (such as DHCP discover) are send to AP (RA address is that of AP) with Destination as broadcast. Hence, other wireless nodes will not receive the broadcast packet. 
  • De-authentication Reason Codes:  http://www.aboutcher.co.uk/2012/07/linux-wifi-deauthenticated-reason-codes
  • Rates: 
    • Supported Rates & Extended Supported Rates IEs contain non HT rates supported by the device.Some of the rates are marked as Basic / Mandatory.
    • Control Frames (RTS / CTS / ACK) are send out @ one of the rate marked as Basic / Mandatory. Preference is to send them at best Basic / Mandatory rate.
    • Management frames such as Beacons, Probe Request / Response, Association / Re-association Request / Response are send @ lowest Basic / Mandatory rate.
    • Broadcast & Multicast Data frames are send out @ one of the rate marked as Basic / Mandatory. Preference is to send them at best Basic / Mandatory rate.
    • If a station sends out a packet that the receiver does not have in its supported rates then it will drop the packet.  


  • RSSI vs Range





No comments:

Post a Comment