Scribd Logo
Upload

Welcome to Scribd!

  • CWNA Chapter 9 Lab Directions

    Uploaded by

    Abdelkebir Labyad
    88 views4 pages
    The document provides directions for a series of lab exercises analyzing wireless network traffic using packet capture software. The exercises involve: 1. Viewing beacon frames and their contents from an existing packet capture file. 2. Analyzing probe request, probe response, and null probe request frames to understand wireless scanning and discovery. 3. Examining authentication request and response frames using open system authentication. 4. Inspecting association request and response frames to understand client connection to an access point. 5. Looking at reassociation request and response frames regarding a client changing access points.

    Original Description:

    affs

    Original Title

    affs

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides directions for a series of lab exercises analyzing wireless network traffic using packet capture software. The exercises involve: 1. Viewing beacon frames and their contents from an existing packet capture file. 2. Analyzing probe request, probe response, and null probe request frames to understand wireless scanning and discovery. 3. Examining authentication request and response frames using open system authentication. 4. Inspecting association request and response frames to understand client connection to an access point. 5. Looking at reassociation request and response frames regarding a client changing access points.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    88 views4 pages

    CWNA Chapter 9 Lab Directions

    Uploaded by

    Abdelkebir Labyad
    The document provides directions for a series of lab exercises analyzing wireless network traffic using packet capture software. The exercises involve: 1. Viewing beacon frames and their contents from an existing packet capture file. 2. Analyzing probe request, probe response, and null probe request frames to understand wireless scanning and discovery. 3. Examining authentication request and response frames using open system authentication. 4. Inspecting association request and response frames to understand client connection to an access point. 5. Looking at reassociation request and response frames regarding a client changing access points.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    CWNA Chapter 9 Lab Directions

    Lab Exercise 9.1


    Viewing Beacon Frames
    1. To perform this exercise, you need to download and save the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If
    you do not already have a packet analyzer installed on your computer, you can download
    Wireshark from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered
    sequentially in the first column.

    4. Click on one of the first eight frames. All of these frames are beacon frames.

    5. After selecting one of the beacon frames, in the lower section of the screen, browse
    through the information found inside the beacon frame body. You can expand a section
    by clicking on the plus sign next to the section.

    Lab Exercise 9.2


    Understanding Probe Requests and Probe Responses
    1. To perform this exercise, you need to use the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If
    you do not already have a packet analyzer installed on your computer, you can download
    Wireshark from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #416, which is a probe request.

    5. In the lower section of the screen, look at the SSID fi eld in the frame body and notice that this
    is a directed probe request.

    6. Click on frame #417, which is a probe response.


    7. In the lower section of the screen, browse through the information found inside the frame body
    and notice that the information is similar to a beacon frame.
    8. Click on frame #253, which is a probe request. Look at the SSID field in the frame body and
    notice that this is a null probe request, since it does not contain an SSID value.

    9. Click on frames #254, #255, and #256. Notice that there are three probe responses to the null
    probe request. Each probe response has a different SSID.

    Lab Exercise 9.3

    Using Open System Authentication


    1. To perform this exercise, you need use the CWNA-CH9.PCAP file.

    2. After the file is downloaded, you will need packet analysis software to open the file. If you do
    not already have a packet analyzer installed on your computer, you can download Wireshark
    from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #418, which is an authentication request.

    5. In the lower section of the screen, look at the 802.11 MAC header and note the source address
    and destination address.

    6. Click on frame #419, which is an authentication response. Look at the 802.11 MAC header
    and note that the source address is the AP’s BSSID and that the destination address is the MAC
    address of the client that sent the authentication request. Look at the frame body and note that
    authentication was successful.

    Exercise 9.4
    Understanding Association

    1. To perform this exercise, you need to use the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If you do
    not already have a packet analyzer installed on your computer, you can download
    Wireshark from www.wireshark.org

    3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #420, which is an association request. Look
    at the frame body.

    5. Click on frame #421, which is the association response. Look at the frame body and note that
    the association was successful and that the client received an AID number.

    Exercise 9.5
    Understanding Reassociation

    1. To perform this exercise, you need to use the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If you do
    not already have a packet analyzer installed on your computer, you can download Wireshark
    from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #658, which is a reassociation request. Look
    at the frame body.

    5. Click on frame #659, which is the reassociation response. Look at the frame body and note
    that the reassociation was successful and that the client received an AID number.

    Exercise 9.6
    Understanding Acknowledgment

    1. To perform this exercise, you need to use the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If
    you do not already have a packet analyzer installed on your computer, you can download
    Wireshark from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #1499, which is a data frame.
    5. Observe the frame exchanges between frame #1500 and frame #11178. Notice that all
    the unicast frames are being acknowledged by the receiving station.

    Exercise 9.7
    Using Data Frames

    1. To perform this exercise, you need to use the CWNA-CH9.PCAP file

    2. After the file is downloaded, you will need packet analysis software to open the file. If you do
    not already have a packet analyzer installed on your computer, you can download Wireshark
    from www.wireshark.org.

    3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
    a list of capture frames in the upper section of the screen, with each frame numbered sequentially
    in the first column.

    4. Scroll down the list of frames and click on frame #2001, which is an unencrypted simple data
    frame. Look at the frame body and notice the upper-layer information such as IP addresses and
    UDP port. This information is visible because no encryption is being used.

    5. Click on frame #689, which is a null function frame. Look at the 802.11 MAC header. Look in
    the Frame Control field and note that the Power Management bit is set to 1. The AP will now
    buffer the client’s traffic.

    You might also like