Wireless II Haktip17 Frames Frames Notes 3 Frame

Wireless II

Haktip-17 Frames

Frames – Notes • 3 Frame type ▫ Management � Beacons � Probes � Request � Response � Associations � Request � Response � Disassociate � Authentication � Auth � Deauth ▫ Control � RTS � 2 way handshake � CTS � Time to send ▫ � ACK Data

Frames – Questions • Which frame has REQ, RESP, DISASSOC ▫ Association • What are the 3 types of frames ▫ Management ▫ Control ▫ Data

Haktip-19 Beacon Frames and Injection

802. 11 Beacon Frames and Injection – Notes • Beacon: announces presence wireless device • Beacon types ▫ Ad-hoc ▫ Ssid � 32 character identifier ▫ Timestamp ▫ Capability �Channel �Data Rate • MDK 3

802. 11 Beacon Frames and Injection – Questions • What can MDK 3 do: ▫ Network probing • What is the SSID ▫ The 32 character wireless network name • What does a Beacon do ▫ Announces the presence of a wireless device

Haktip-21 Frame Analyzing

Frame Analyzing – Notes • ID ▫ SSID � 32 character text ▫ BSSID � 6 hex octets �Typically the MAC address ▫ ESSID �All the BSSs in the network �Basically the SSID • Wireshark • Aircrack ▫ Airbase-ng • MDK 3

Frame Analyzing – Questions • T/F: the BSSID is always the same as the wireless MAC address ▫F • What does the command airbase-ng do: ▫ Used with the AT interface to work with the encrypted data. E. g. you can see plaintext before sent and after received

Haktip-23 Probe Requests and Responses

Probe Requests and Responses – Notes • Probes: active • Beacons: passive • Probe ▫ Client ▫ Request ▫ Respond • Info ▫ ▫ Data rates Ssid Timestamp Type of security • Who can you probe ▫ A specific AP ▫ All

Probe Requests and Responses – Questions ▫ Difference between probe and beacon �Probe: active – sends/request for you WS �Beacon: passive – receives from others ▫ Who is FF: FF: FF: FF meant for �Everyone!