WLAN Analysis with Wireshark (Radiotap Header Section, Part 5)

With all of the above 4 articles regarding the subject of Radiotap Header Section, the writer of this blog believes that "Channel Flags" should reserve a good space to explore concepts.

Channel Flags: displays the information about characteristics of the channel itself, such as the modulation type used, spectrum being used, half/quarter rate channel. The following diagram shows an example on Channel Flags.

Complementary code keying (CCK): is a modulation scheme used with wireless networks (WLANs) that employ the IEEE 802.11b specification. In our example as shown above, CCK is not being used. However, the below capture, CCK is in used.

Orthogonal Frequency Division Multiplexing (OFDM): is a digital multi-carrier modulation scheme that extends the concept of single subcarrier modulation by using multiple subcarriers within the same single channel. OFDM takes advantage of a large number of closely spaced orthogonal subcarriers that are transmitted in parallel.

This example also shows the WLAN capturing device (an Apple MacBook) is using 5 GHz spectrum. 5260, as precisely indicates in below image.

Even with the same laptop, we may be landing in different channel frequency. The following diagram, captured in the same day, different time-periods, of course, shows 5785 channel frequency being used. (Since they are in different channel, we will talk more on "channel" in incoming articles).

Gaussian frequency shift keying (GFSK) is also a modulation method for digital communication found in many standards such as Bluetooth. It (GFSK) filters the data pulses with a Gaussian filter to make the transitions smoother.

This article should pretty much serves the last item on Radiotap Header Section.

Hands-on participation:

• Please take the time to reexamine your captured packet, what kind of messages being delivered in this section?
• Please kindly borrow another laptop, from your associates, and obtain similar Wireshark packet collections. Please don’t assume what worked for you in the first file will make same-items deliveries in the second file.