Module 6: Frames and Network Interaction
Packets vs. Frames
Just discussing the difference between Protocol Data Units (PDUs).
802.11 MAC Frames
MAC Header
Frame Types
Management Frames
Management frames subtypes:
0
Association Request
1
Association Response
2
Re-association Request
3
Re-association Response
4
Probe Request
5
Probe Response
6
Measurement Pilot
7
Reserved
8
Beacon
9
ATIM
10
Disassociation
11
Authentication
12
Deauthentication
13
Action
14
Action No ACK
15
Reserved
Control Frames
Control frames subtypes:
0-6
Reserved
7
Control Wrapper
8
Block ACK Request
9
Block ACK
10
PS-Poll
11
RTS
12
CTS
13
ACK
14
CF End
15
CF End + CF-ACK
Data Frames
Data frames subtypes:
0
Data
1
Data + CF ACK
2
Data + CF Poll
3
Data + CF ACK + CF Poll
4
Null Function (No Data)
5
CF ACK (No Data)
6
CF Poll (No Data)
7
CF ACK + CF Poll (No Data)
8
QoS Data
9
QoS Data + CF ACK
10
QoS Data + CF Poll
11
QoS Data + CF ACK + CF Poll
12
QoS Null (No Data)
13
Reserved
14
QoS CF Poll (No Data)
15
QoS CF ACK + CF Poll (No Data)
Interacting with Networks
Open Network
In IEEE 802.11 Wireless Management > Fixed Parameters > Capabilities Information, we can check the Privacy bit to see if the AP is encrypted.
WEP
Same process as the Open Network however the Privacy bit will show it is encrypted. The lack of WPA/WPA2 tags indicates WEP.
EAPoL
Extensible Authentication Protocol over LAN (EAPoL) frames are commonly used during the handshake when connecting to an AP with WPA, WPA2, WPA3, or OWE.
WPA1
Advertises WPA1 PSK TKIP.
WPA2
Advertises WPA1 and WPA2, both with AES/CCMP and TKIP.
WPA3
Advertises with SAE in the RSN IE, and 802.11w which is mandatory for WPA3.
OWE
Advertises an RSN IE with OWE, and 802.11w which is also mandatory for OWE.
WPS
Advertises with a WPS beacon tag.
Last updated