Posts

Showing posts from 2021

RTS / CTS, What is it?

When learning about the .11 protocol you will probably come across these terms: RTS, or Request to Send, and CTS, or Clear to Send. Both of these frames are used in conjunction with each other to further control the medium. While we still have CSMA/CA and EDCA to moderate and prioritize various transmissions over the medium, in areas of high utilization or when large frames are used we need additional help. RTS/CTS helps us 'reserve' the medium for a period of time.

Initially a STA will send an RTS frame to an AP and include the duration it needs for transmission, including the SIFS and PHY duration needed for the AP to respond. When the AP sends the CTS frame, its duration field will be the duration found in the RTS minus the CTS and minus the SIFS interval for that PHY.

I've added some packet captures I did on my home network below so we can see the duration fields of each frame type and further understand how it is calculated. We can cl...

How a Device Connects to an AP

How a STA Connects to a BSS: An Overview of the .11 State Machine

A Beacon

These Beacon things keep coming up, and that's because they are probably one of the most important frames in wireless communications. If the STA is not pre-configured with an SSID it should connect to, it will use beacons to learn about the networks in the vicinity. Once that happens, we can begin moving through the connection process, also known as the State Machine.

The .11 State Machine

Below is a diagram of the steps we will go through as we move through the states. I've included pieces of a packet capture I took of my phone connecting to my home network. We will also see the 4-way handshake used by PSK authentication. Without any security in place there will be 3 states and 6 frames. With security there will be an additional state, and 4 more frames for the handshake. .1x adds even more frames but basically it adds frames for verifying the client and server identities. Also we are not including the ACK...

CWNP Notes

I've been reading the new CWAP-404 book for the updated test released just a couple of months ago. I am posting my notes in the menu bar as I read through the chapters; feel free to take a look. While they are organized and aligned with each section in the chapter, like most notes, some things will only make sense to me. Included are some packet captures that I have taken as well to add some context. Hopefully it will still give those who are curious a glimpse of what is covered in the new test. I'm still fond of physical media so I purchased the book here (not an affiliate, just the first place that had it available). Also, the objectives for the new version of the test can be found here. In addition to the CWAP notes, I re-read some chapters from my CWNA-107 book and added those notes. 107 was retired and the most notable change was the addition of .11ax in 108. Once more copies become available on the used market I intend to pick one up to cover the latest standard....

How Wifi Analyzers Work

How Do "Wifi Analyzers" Work?

Simple, they extract the info from Beacon frames. Beacons contain all the information about an SSID, the capabilities of the network devices and other information that helps clients connect, roam and gather info about their environment. Beacons are sent out roughly every 100 milliseconds (102.4 to be exact) and are not encrypted, so everyone on the channel can decipher them. Most free analyzers will passively scan for beacons across all channels and extract the info into an easy-to-read GUI. See my notes from Chapter 9: MAC of the CWNA study guide, which details some info about Passive and Active Scanning.

Here are a couple of screenshots that show the difference between the packet capture and GUI presentation.

Wireshark View

Wifiman (for Android) View

WinFi (for Windows) View

While the packet capture shows us all the details, the GUIs usually break out the most important stuff like SSID, RSSI, Channel, ...

Home Network / Lab

My Current Setup

I feel like this is an obligatory post on personal tech blogs. Home labs are what you make of them. I do not believe we all need to have a full rack, nor do I believe we even need physical hardware, depending on what you're interested in. Personally, I don't need a rack or even a quarter rack. While the equipment can be found somewhat cheap, it's generally loud and power hungry and I don't have a proper space to keep it cool in the summer months. I admit everything I have is outdated for an enthusiast but it more or less gets the job done for my purposes. Most of the hardware except the wifi stuff was free from my last employer.

I've broken up the diagram with various colors but don't pay too much attention to them. It's mainly to separate physical spaces, not networks (but those are still in VLANs). Starting with the top we have a basic Internet connection. Standard in my area is 100Mbps sadly unless I want to double my bill for 200Mbps. This feeds my OPNS...

Dont Trust Your WLAN Controller

I'm not against automation but just like everything else, it sometimes needs to be double checked. Here are a couple of screenshots of questionable automatically generated channel plans from WLAN controllers. One is from my work and another is my own setup.

This first one I can admit that it is probably trying its best. With only 3 non-overlapping channels in the 2.4GHz band maybe it selected them to avoid overutilized channels. I can't do any in-depth analysis since the tools necessary are not allowed on my work laptop. However, the power levels for both radios on Channel 1 are so close to each other that I suspect a protocol analyzer would reveal issues.

This second one was after I reinstalled my Unifi controller but forgot to go through and verify everything was working as I wanted. Needless to say I wasn't only unhappy but also a little annoyed they would even allow that in their algorithm.

Nothing technical in this post. Just wanted to remin...

Tips to Improve Your Home Wireless Network

We keep adding devices to our houses. Whether it's just new computers or game consoles, phones, or various IoT devices (Alexa, Ring, Hue etc...), we are increasingly adding congestion to the airwaves.

Some might be tempted to go out and buy that shiny new Wifi 6 (802.11ax) router in hopes of improving their situation. But if your current router is only a few years old (Wifi 5 / 802.11ac) I invite you to try a few of these items first. It may save you some money and help you understand where or what is causing your issues.

5 Things to Try First

1. Proper Router Placement
2. Channel Selection
3. Channel Widths
4. Avoid turning up the power
5. Proper Device Placement

1. Proper Router Placement

This step alone can substantially improve your network's ability to communicate with your devices. When I walk into a friend's house or even a business I often see the access point stuffed in a corner, on a shelf or an entertainment center. It is also very often far away from where most people use their devices,...