WLAN Analysis with Wireshark (Radiotap Header Section, Part 3)
Let's continue the topic of Radiotap Header Section on the sub-item: Flags.
Flags: describing the properties of transmitted and received frames. The following diagram shows an example of Flags:
As you can see, there are several sub-items, including
Contention Free Period (CFP): Indicates whether frame was sent/received during the Contention Free Period. It (CFP) defines a period of time during which access to the Wireless Medium is free of contention.
WEP: informs whether a frame was encrypted. Despite the fact that the above diagram shows "False" in that captured frame, the below screenshot describes an AP (MAC ended with 97:78:6c) frame is encrypted.
When you take a closer look, you would identify that QoS / Data Frame are encrypted.
Question: In your Wireshark capture, in "Beacon Frame" "Probe Request" "Probe Response" frames, are they encrypted or not?
Fragmentation: is a way to partitioning an MAC Service Data Unit (MSDU) or an MAC Management Protocol Data Unit (MMPDU) into smaller MAC level frames, MPDUs,
Frame Check Sequence (FCS): A FCS refers to an error-detecting code added to a frame in a communications protocol. As you can not, not only the specific frame shown in the top diagram, the below screen shots tells that most of the frame here with FCS.
Data Pad: Frame contents has padding between the 802.11 header and the data payload to align the payload to a 32-bit boundary.
Bad FCS: Frame was received with an invalid FCS.
Short GI: Frame was sent/received with Short Guard Interval. The guard interval is the space between symbols (characters) being transmitted. It is used to eliminate inter-symbol interference, and increases throughput.
However, according to the below diagram, this AP, even the short GI is not set, is hardware capable with such features.
No comments:
Post a Comment