Figured I would pass this along. I started
reading chapter 15 in the CCNP Switch certification Guide; Integrating Wireless
LANs. While reading the first few pages, I quickly wanted to get a sniffer out
and check out all of these 802.11 frame specifications that it references.
Some examples are DIFS(duration timer) and the
random back off timer. I decided to fire up Wireshark, but the frames
kept appearing as 802.3(Ethernet) frames. This is known as "fake"
Ethernet headers. Unfortunately, with the current WIFI card installed in my
laptop, I won’t be able to sniff 802.11 traffic.
Per Wire Shark:
Without any interaction, capturing on WLAN's
may capture only user datapackets with "fake" Ethernet headers. In this case, you won't see any
802.11 management or control packets at all, and the 802.11 packet headers are
"translated" by the network driver to "fake" Ethernet
packet headers.
http://wiki.wireshark.org/CaptureSetup/WLAN
You can also download a 802.11 capture and learn how to read it by following this document.
http://www.cse.ust.hk/~muppala/csit5610/labs/Wireshark_labs/Wireshark_802_11.pdf
No comments:
Post a Comment