![Page 1: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/1.jpg)
#ATM15 |
Packets never lie: An in-depth overview of 802.11 frames
George M. Stefanick Jr
@ArubaNetworks
![Page 2: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/2.jpg)
2 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
BIO
George M. Stefanick Jr. Wireless Architect @ Houston Methodist Hospital – 6 years (7 WiFi Distros, 3,900 aps, 30,000 clients)
Previously worked for a Cisco Partner focused on Mobility for 8 years
Vendor and vendor neutral certifications
www.my80211.com and www.nostringsattachedshow.com (Desperate for friends)
Cisco VIP 2012,2013 and 2014 - Aruba MVP 2014 and 2015 (I have no life)
Consulting (training, site survey, deployment and troubleshooting) (Always indebt to the IRS)
Tech Editor:
Sybex: CCNA Wireless Study Guide; Todd Lammle
Cisco Press: Designing and Deploying 802.11 Wireless Networks: A Practical Guide to Implementing 802.11n and 802.11ac; Jim Geier
@ArubaNetworks
![Page 3: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/3.jpg)
3 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Devices that are in my wheelhouse
• Cardiac Imaging • Electronic Medical Record (EMR) • Mobile Ultrasound • Mobile Picture Archiving and Communications
systems (PACS) • RTLS • Mobile Robots • Infusion Pumps • Cows (Computer on Wheels) • Cisco 7925 Handsets • Vocera Badges • Mobile Cisco TelePresence VX Clinical Assistant • Roche Diagnostics ACCU-CHECK • Mobile EKG Carts
• Mobile Med Dispensing Carts • WorkGroup Bridges (WGB) • Mobile Deaf Response Devices • DaVinci Simulators • Laptops • Tablets • Smartphones • Crestron • Point to Point Links • Wireless Door Locks
@ArubaNetworks
![Page 4: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/4.jpg)
4 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Quick Poll
1. Who has a WiFi Analyzer in their tool bag ? 2. How confident are you with reading and
interpreting your captures ? 3. Who has solved a problem with packet
analysis ? 4. Any CWNP Certified folks ?
@ArubaNetworks
![Page 5: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/5.jpg)
5 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Agenda
• This session covers different 802.11 frame types as well as MSDU, MPDU, PSDU, PPDU and other terminology.
• We will explain and showcase some of the common problems you can solve with a packet analyzer.
@ArubaNetworks
![Page 6: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/6.jpg)
6 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Management, Control, and Data frames
Management – Beacon, Association Request, Association
Response, Reassociation Request, Reassociation Response, Probe Request, Probe Response, Disassociation, Authentication, Deauthentication, Action and Announcement Traffic Indication Message
– Management frames provide the foundation in how WiFi radios are able to detect, join and operate on a WiFi network.
Control – Power Save Poll (PS-Poll), Request to Send (RTS),
Clear to Send (CTS), Acknowledgement (ACK), CF-End +CF +ACK, Block ACK Request (BlockAckReq), and Block ACK (BlockAck).
– Control frames facilitate Data frame delivery. They are the traffic cops of 802.11 data frames.
Data – Data, NULL, Data+CF-Ack, Data+CF-Poll, Data
+CF-ACK+CF-Poll, CF-ACK, CF-Poll, CF-ACK, Qos Data, QoD Null, QoS Data+CF-ACK, QoS Data+CF-Poll, QoS Data +CF-ACK+CF-Poll and more ..
– Data frames are simple. They carry data payload from and to the upper layers.
@ArubaNetworks
![Page 7: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/7.jpg)
7 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Frame Headers, Information Fields, and Information Elements Are Not Encrypted
Layer 2 is not encrypted
Visible to anyone within range of the transmission, on channel and with a protocol analyzer
With the right tools someone can easily ease drop on your network transmissions
WiFi DOS Attacks are easily achieved on Layer 1 and Layer 2 – Layer 2 MFP (Management Frame
Protection)
Encryption secures Layer 3 and up (Data Frames) – NULL Data frames aren’t encrypted
because they don’t carry a data payload
@ArubaNetworks
![Page 8: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/8.jpg)
8 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Management Frames
Management
– Beacon, Association Request, Association Response, Reassociation Request, Reassociation Response, Probe Request, Probe Response, Disassociation, Authentication, Deauthentication, Action and Announcement Traffic Indication Message
– Management frames provide the foundation in how WiFi radios are able to detect, join and operate on a WiFi network.
@ArubaNetworks
![Page 9: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/9.jpg)
9 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: What’s inside a Beacon?
@ArubaNetworks
![Page 10: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/10.jpg)
10 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Broadcast vs NonBroadcast
@ArubaNetworks
![Page 11: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/11.jpg)
11 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Supported Rates
@ArubaNetworks
![Page 12: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/12.jpg)
12 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Interval
@ArubaNetworks
![Page 13: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/13.jpg)
13 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Cipher and AKM (CCMP/802.1X)
@ArubaNetworks
AKM 00-0F-AC-01: 802.1X 00-0F-AC-02: PSK
Cipher Suite 00-0F-AC-01: WEP 40 00-0F-AC-05: WEP 104 00-0F-AC-03: TKIP 00-0F-AC-04: CCMP
Pairwise Cipher Encryption: Unicast
Group Cipher Encryption: Multicast / Broadcast
![Page 14: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/14.jpg)
14 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: AirHeads Technology Blog – 30 Random Technical Thoughts by a WiFi Engineer
@ArubaNetworks
http://community.arubanetworks.com/t5/Technology-Blog/30-Random-Technical-Thoughts-by-a-WiFi-Engineer/ba-p/137033
30) You often see TKIP and AES referenced when securing a WiFi client. Really it should be referenced as TKIP and CCMP, not AES. TKIP and CCMP are encryption protocols. AES and RC4 are ciphers, CCMP/AES and TKIP/RC4. You can see vendors are mixing a cipher with a encryption protocol.
![Page 15: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/15.jpg)
15 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Cipher and AKM (CCMP/TKIP/802.1X)
@ArubaNetworks
AKM 00-0F-AC-01: 802.1X 00-0F-AC-02: PSK
Cipher Suite 00-0F-AC-01: WEP 40 00-0F-AC-05: WEP 104 00-0F-AC-02: TKIP 00-0F-AC-04: CCMP
Group Cipher Encryption: Multicast / Broadcast
Pairwise Cipher Encryption: Unicast
![Page 16: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/16.jpg)
16 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: Cisco Proprietary / Vendor Specific
@ArubaNetworks
AP Name Station Count
![Page 17: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/17.jpg)
17 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: TIM / DTIM / COUNTRY
@ArubaNetworks
![Page 18: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/18.jpg)
18 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: China Atmosphere
@ArubaNetworks
![Page 19: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/19.jpg)
19 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: QBSS Load Station Count / Channel Util.
@ArubaNetworks
Station Count Channel Utilization
![Page 20: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/20.jpg)
20 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: 802.11n (HT) High Throughput
@ArubaNetworks
![Page 21: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/21.jpg)
21 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: 802.11n (HT) High Throughput
@ArubaNetworks
![Page 22: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/22.jpg)
22 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Beacon: 802.11ac (VHT) Very High Throughput
@ArubaNetworks
![Page 23: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/23.jpg)
23 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe: NULL Request
@ArubaNetworks
![Page 24: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/24.jpg)
24 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe: Direct Request
@ArubaNetworks
![Page 25: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/25.jpg)
25 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe: Request – Remembered Networks
@ArubaNetworks
![Page 26: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/26.jpg)
26 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe / Auth / Assoc Flow
@ArubaNetworks
![Page 27: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/27.jpg)
27 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe: Request
@ArubaNetworks
![Page 28: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/28.jpg)
28 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Probe: Response
@ArubaNetworks
![Page 29: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/29.jpg)
29 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11: Authentication
@ArubaNetworks
![Page 30: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/30.jpg)
30 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11: Authentication
@ArubaNetworks
![Page 31: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/31.jpg)
31 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11: Association Request
@ArubaNetworks
![Page 32: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/32.jpg)
32 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11: Association Response
@ArubaNetworks
![Page 33: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/33.jpg)
33 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 EAP Flow
@ArubaNetworks
![Page 34: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/34.jpg)
34 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 EAP: ID
@ArubaNetworks
![Page 35: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/35.jpg)
35 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
AirHeads
@ArubaNetworks
How secure is your EAP-PEAPv0 deployment ?
http://community.arubanetworks.com/t5/Technology-Blog/How-secure-is-your-EAP-PEAPv0-deployment/ba-p/216683
![Page 36: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/36.jpg)
36 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 EAP 4 Way Hand Shake
@ArubaNetworks
![Page 37: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/37.jpg)
37 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Control Frames
@ArubaNetworks
Control
Power Save Poll (PS-Poll), Request to Send (RTS), Clear to Send (CTS), Acknowledgement (ACK), CF-End +CF +ACK, Block ACK Request (BlockAckReq), and Block ACK (BlockAck). Control frames facilitate Data frame delivery. Control frames are the traffic cops of 802.11 data frames.
![Page 38: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/38.jpg)
38 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Frame Control Header Retry/To/From/NAV
@ArubaNetworks
![Page 39: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/39.jpg)
39 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 RTS
@ArubaNetworks
![Page 40: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/40.jpg)
40 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 CTS
@ArubaNetworks
![Page 41: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/41.jpg)
41 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 ACK
@ArubaNetworks
![Page 42: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/42.jpg)
42 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Block Acknowledgement Request
@ArubaNetworks
![Page 43: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/43.jpg)
43 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Block Acknowledgement
@ArubaNetworks
![Page 44: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/44.jpg)
44 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Data Frames
@ArubaNetworks
Data
Data, NULL, Data+CF-Ack, Data+CF-Poll, Data+CF-ACK+CF-Poll, CF-ACK, CF-Poll, CF-ACK, Qos Data, QoD Null, QoS Data+CF-ACK, QoS Data+CF-Poll, QoS Data +CF-ACK+CF-Poll and more .. Data frames are simple. They carry data payload from and to the upper layers.
![Page 45: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/45.jpg)
45 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Data Encrypted
@ArubaNetworks
![Page 46: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/46.jpg)
46 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Data Not Encrypted
@ArubaNetworks
![Page 47: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/47.jpg)
47 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
802.11 Data NULL Frame
@ArubaNetworks
![Page 48: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/48.jpg)
48 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Sniffing Challenges
@ArubaNetworks
802.11ac Get close to the radio Use Aps as sniffers Build filters and use triggers Know that you may miss frames Wildpackets WiFi Appliance AirMagnet
![Page 49: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/49.jpg)
49 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Wireless is slow
@ArubaNetworks
![Page 50: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/50.jpg)
50 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Wireless is slow
@ArubaNetworks
Retry (Frame Retransmission)
![Page 51: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/51.jpg)
51 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Clients dropping connection
@ArubaNetworks
![Page 52: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/52.jpg)
52 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Clients dropping connection
@ArubaNetworks
NAV 18,800 us
![Page 53: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/53.jpg)
53 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Slow connection lots of application drops
@ArubaNetworks
![Page 54: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/54.jpg)
54 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Real World Example – Slow connection lots of application drops
@ArubaNetworks
NULL FRAMES
PROBES
Channel Scanning
![Page 55: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/55.jpg)
55 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
LLC, MAC, PLCP, PMD
@ArubaNetworks
LLC, MAC, PLCP, PMD: Know the layers and what each layer does
![Page 56: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/56.jpg)
56 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
LLC, MAC, PLCP, PMD
@ArubaNetworks
LAYER 2 LLC – Logical Link Control LAYER 2 MAC – Media Access Control LAYER 1 PLCP – Physical Layer Convergence Procedure LAYER 1 PMD – Physical Medium Dependent
![Page 57: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/57.jpg)
57 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
LLC, MAC, PLCP, PMD
@ArubaNetworks
LAYER 2 LLC – Logical Link Control (MSDU) *Packet LAYER 2 MAC – Media Access Control (MPDU) * Frame LAYER 1 PLCP – Physical Layer Convergence Procedure(PSDU/PPDU) LAYER 1 PMD – Physical Medium Dependent (Bits)
![Page 58: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/58.jpg)
58 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
LLC, MAC, PLCP, PMD – Encapsulated Headers
@ArubaNetworks
![Page 59: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/59.jpg)
59 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Spectrum Masks – DSSS / OFDM
@ArubaNetworks
![Page 60: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/60.jpg)
60 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Modulation – 802.11 PRIME and 802.11b
@ArubaNetworks
1 PHY DBPSK 2 PHY DQPSK 5.5 PHY CCK 11 PHY CCK
![Page 61: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/61.jpg)
61 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Modulation – ERP-OFDM 802.11g
@ArubaNetworks
6 PHY BPSK 9 PHY BPSK 12 PHY QPSK 18 PHY QPSK 24 PHY QAM16 36 PHY QAM16 48 PHY QAM64 54 PHY QAM64
![Page 62: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/62.jpg)
62 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Modulation – OFDM 802.11a
@ArubaNetworks
6 PHY BPSK 9 PHY BPSK 12 PHY QPSK 18 PHY QPSK 24 PHY QAM16 36 PHY QAM16 48 PHY QAM64 54 PHY QAM64
![Page 63: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/63.jpg)
63 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
Modulation MIMO-OFDM 802.11n/ac
@ArubaNetworks
![Page 64: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/64.jpg)
64 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
How Bits Get Modulated
@ArubaNetworks
BPSK – 1 bit per modulation symbol at 180 degrees phase 2 wave forms (phases)
![Page 65: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/65.jpg)
65 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
How Bits Get Modulated
@ArubaNetworks
QPSK – 2 bits per modulation symbol at 90 degrees phase 4 wave forms (phases)
![Page 66: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/66.jpg)
66 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
How Bits Get Modulated
@ArubaNetworks
QAM64 – 6 bits per symbol / amplitude modulation
![Page 67: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/67.jpg)
67 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
How Bits Get Modulated
@ArubaNetworks
QAM256 – 8 bits per symbol / amplitude modulation
![Page 68: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/68.jpg)
68 CONFIDENTIAL © Copyright 2015. Aruba Networks, Inc. All rights reserved
#ATM15 |
Transition Content
How Bits Get Modulated
@ArubaNetworks
![Page 69: Packets never lie An in-depth overview of 802.11 frames small.pdf](https://reader034.vdocument.in/reader034/viewer/2022052318/586703031a28abfd408b9468/html5/thumbnails/69.jpg)
THANK YOU
69 #ATM15 | @ArubaNetworks