CWNA Chapter 9 Lab Directions
CWNA Chapter 9 Lab Directions
CWNA Chapter 9 Lab Directions
2. After the file is downloaded, you will need packet analysis software to open the file. If
you do not already have a packet analyzer installed on your computer, you can download
Wireshark from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered
sequentially in the first column.
4. Click on one of the first eight frames. All of these frames are beacon frames.
5. After selecting one of the beacon frames, in the lower section of the screen, browse
through the information found inside the beacon frame body. You can expand a section
by clicking on the plus sign next to the section.
2. After the file is downloaded, you will need packet analysis software to open the file. If
you do not already have a packet analyzer installed on your computer, you can download
Wireshark from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #416, which is a probe request.
5. In the lower section of the screen, look at the SSID fi eld in the frame body and notice that this
is a directed probe request.
9. Click on frames #254, #255, and #256. Notice that there are three probe responses to the null
probe request. Each probe response has a different SSID.
2. After the file is downloaded, you will need packet analysis software to open the file. If you do
not already have a packet analyzer installed on your computer, you can download Wireshark
from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #418, which is an authentication request.
5. In the lower section of the screen, look at the 802.11 MAC header and note the source address
and destination address.
6. Click on frame #419, which is an authentication response. Look at the 802.11 MAC header
and note that the source address is the AP’s BSSID and that the destination address is the MAC
address of the client that sent the authentication request. Look at the frame body and note that
authentication was successful.
Exercise 9.4
Understanding Association
2. After the file is downloaded, you will need packet analysis software to open the file. If you do
not already have a packet analyzer installed on your computer, you can download
Wireshark from www.wireshark.org
3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #420, which is an association request. Look
at the frame body.
5. Click on frame #421, which is the association response. Look at the frame body and note that
the association was successful and that the client received an AID number.
Exercise 9.5
Understanding Reassociation
2. After the file is downloaded, you will need packet analysis software to open the file. If you do
not already have a packet analyzer installed on your computer, you can download Wireshark
from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #658, which is a reassociation request. Look
at the frame body.
5. Click on frame #659, which is the reassociation response. Look at the frame body and note
that the reassociation was successful and that the client received an AID number.
Exercise 9.6
Understanding Acknowledgment
2. After the file is downloaded, you will need packet analysis software to open the file. If
you do not already have a packet analyzer installed on your computer, you can download
Wireshark from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP fi le. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #1499, which is a data frame.
5. Observe the frame exchanges between frame #1500 and frame #11178. Notice that all
the unicast frames are being acknowledged by the receiving station.
Exercise 9.7
Using Data Frames
2. After the file is downloaded, you will need packet analysis software to open the file. If you do
not already have a packet analyzer installed on your computer, you can download Wireshark
from www.wireshark.org.
3. Using the packet analyzer, open the CWNA-CH9.PCAP file. Most packet analyzers display
a list of capture frames in the upper section of the screen, with each frame numbered sequentially
in the first column.
4. Scroll down the list of frames and click on frame #2001, which is an unencrypted simple data
frame. Look at the frame body and notice the upper-layer information such as IP addresses and
UDP port. This information is visible because no encryption is being used.
5. Click on frame #689, which is a null function frame. Look at the 802.11 MAC header. Look in
the Frame Control field and note that the Power Management bit is set to 1. The AP will now
buffer the client’s traffic.