Networking III - Chapter 4
Association Request Frame (802.11 Management)
-0x00 -Enables AP to allocate resources and synchronize -Frame carries information about wireless connection like supported data rates and SSID of network -AP reserves memory and establishes association ID if accepted
Association Response Frame (802.11 Management)
-0x01 -Sent from an AP to a wireless client -Indicates acceptance or rejection -If acceptance, frame contains information like association ID and supported data rates
Reassociation Request Frame (802.11 Management)
-0x02 -Sent when device dropped from range of currently associated AP and finds AP with stronger signal -New AP coordinates info in buffer of previous AP
Reassociation Response Frame (802.11 Management)
-0x03 -Sent from AP containing device sending reassociation request frame -Contains information required for association
Probe Request Frame (802.11 Management)
-0x04 -Sent from wireless client when requires info from other wireless client
Probe Response Frame (802.11 Management)
-0x05 -Sent from an AP containing capability information, such as the supported data rates, after receiving a probe request frame.
Beacon Frame (802.11 Management)
-0x08 -Sent periodically from AP to announce presence and SSID, among other parameters
Disassociation Frame (802.11 Management)
-0x0A -Sent from device wanting to terminate connection -Allows AP to remove device from association table
Authentication Frame (802.11 Management)
-0x0B -Sending device sends authentication frame to AP containing its identity
Deauthentication Frame (802.11 Management)
-0x0C -Sent from wireless client wanting to terminate connection
Scanning Process Modes
-Active Mode -Passive Mode
Open Authentication
-Always authenticates client -No security
Management Frames
-Association Request Frame -Association Response Frame -Reassociation Request Frame -Reassociation Response Frame -Probe Request Frame -Probe Response Frame -Beacon Frame -Disassociation Frame -Authentication Frame -Deauthentication Frame
DSSS
-Direct Sequence Spread Spectrum -Spreads signal over larger frequency band to make it resistant to interference -Signal is multiplied by "crafted noise" -Used by 802.11b -Used by cordless phones in 900MHz, 2.4GHz, 5.8GHz bands, CDMA cellular and GPS networks
Request to Send (RTS) Frame (802.11 Control)
-First step in a two-way handshake -Required before sending data frames
802.11 Header Fields
-Frame Control -Duration -Address1 -Address2 -Address3 -Sequence Control -Address4
FHSS
-Frequency-Hopping Spread Spectrum
Layer 2 Frame Contents
-Header -Payload -FCS (Frame check sequence)
More Data (802.11 FCS)
-Indicates to a device in power-save mode that the AP has more frames to send. -APs indicate that additional broadcast/multicast frames are to follow.
Authentication Mechanisms
-Open Authentication -Shared Key Authentication
Frame Control Field (802.11 Head)
-Protocol Version -Frame Type -Frame Subtype -ToDS -FromDS -More Fragments -Retry -Power Management -More Data -Security -Reserved
Control Frames
-Request to Send (RTS) frame -Clear to Send (CTS) frame -Acknowledgement (ACK) frame
Common Wireless Router Parameters
-SSID -Password -Network Mode -Security Mode -Channel Settings
Clear to Send (CTS) fame (802.11 Conrol)
-Second step in two way handshake -Includes time delay that minimizes chance of other clients transmitting while requesting client transmits
Sequence Control (802.11 Head)
-Sequence number -Fragment number (number of each frame sent of a fragmented frame)
Control Frame
-Used to "facilitate the exchange of data frames between wireless clients" -Help prevent collisions
Final Stage of Authentication Process
1 - Wireless client forwards Association Request with its MAC address 2 - AP responds with Associate response including AP BSSID 3 - AP maps a logical port called the association identifier (AID) to the wireless client. The AID is equivalent to a port on a switch and allows the infrastructure switch to keep track of frames destined for the wireless client to be forwarded.
Shared Key Authentication Process
1 - Wireless client sends authentication frame to AP 2 - AP responds with challenge text to client 3 - Client encrypts the message using shared key and returns encrypted text back to AP 4 - AP decrypts encrypted text using shared key 5 - Authenticates if decrypted text matches challenge text
Shared Key Authentication
Based on a key pre-shared between client and AP
CSMA/CA
Carrier Sense Multiple Access with Collision Avoidance
Half Duplex
Communication in both directions done one at a time
Frame Type (802.11 FCS)
Determines function of frame
DCF
Distributed Coordination Function
Frame Subtype (802.11 FCS)
Further determines function of the frame.
FromDS (802.11 FCS)
Indicates frame is coming from DS (only used in clients associated with AP)
ToDS (802.11 FCS)
Indicates frame is going to DS (only used in clients associated with AP)
Security
Indicates if encryption and authentication used in frame
Power Management (802.11 FCS)
Indicates sending device is in active mode or power-save mode
Reserved
Indicates that all received data frames must be processed in order
Retry (802.11 FCS)
Indicates whether frame is being retransmitted
More Fragments (802.11 FCS)
Indicates whether more fragments will follow
Acknolwedgement (ACK) frame (802.11 Conrol)
Receiving client sends ACK frame to sending client if no errors found
Address3 (802.11 Head)
Sometimes MAC address of destination
Passive Mode (Scanning Process)
The AP openly advertises its service by periodically sending broadcast beacon frames containing the SSID, supported standards, and security settings. The primary purpose of the beacon is to allow wireless clients to learn which networks and APs are available in a given area, thereby allowing them to choose which network and AP to use.
Address4 (802.11 Head)
Used in ad hoc mode (usually missing)
Data Frame
Used to carry payload information
Management Frame
Used to find, authenticate and associate with an AP
Address2 (802.11 Head)
Usually MAC address of transmitting wireless device/AP
Address1 (802.11 Head)
Usually receiving wireless device/AP MAC address
Duration (802.11 Head)
Usually used to indicate time to wait to receive next frame
Protocol Version (802.11 FCS)
Version of 802.11 protocol being used
Active Mode (Scanning Process)
Wireless clients must know the name of the SSID. The wireless client initiates the process by broadcasting a probe request frame on multiple channels. The probe request includes the SSID name and standards supported. Active mode may be required if an AP or wireless router is configured to not broadcast beacon frames.
