Analysing Wireless Network Traffic Flashcards

1
Q

What is Packet Sniffing?

A

Also known as a packet analyser
Hardware/Software used to intercept traffic on a network
Used by hackers to capture and analyse packets
Hacker can manipulate packets during MITM attack
Proper use - Network Admin
Wireshark - captures packets on a wireless network and can analyse them. These packets are generated in a pcap format

2
Q

Legal Implications

A

USA - Title 3 wiretap

Requires federal, state and other government officials to obtain judicial authorisation for intercepting “wire, oral and electronic” comms such as telephone conversation and emails.

Difficult to obtain

3
Q

IEEE 802.11

A

Defines a set of communication standards for Wireless LANs
Standards commonly referred to as WiFi
IEEE LAN/MAN standards committee is responsible for defining these communication standards
1st Standard = IEEE 802.11-1997 - No longer in use
Replaced by IEEE 802.11-2007
Series of amendments in between…

4
Q

Describe the various 802.11 Frames

A

Management Frames
Manage Comms on any Wireless LAN
Association Requests
Association Responses
Probes
Beacons
Unencrypted

Control Frames
Request to send
Clear to send
Acknowledge

Data Frames
Used to send data
Data Frames - Layer 2 protocol
Null Function = No Data
Logical-Link Control Type - IP

Frame Fields
MAC (Media Access Control) Address = 6 Byte Numerical Address
Required for each station

Service Set Identifier (SSID) = Text based Identifier for Wireless Network
Cloaked or uncloaked

Basic SSID (BSSID) = 6 byte number

Specific to MAC Address of WAP

5
Q

Describe the different Packet Sniffing Tools

A

Kismet (Mac OS, Linux and Windows)
Wireshark
Debookee - Mac OS
