Cace Technologies AirPcap Wireless Capture Adapters Benutzerhandbuch
AirPcap User’s Guide
7
The Control frames are used to improve the reliability characteristics of
the link. The establishment of a BSS through the process of discovery and
association is supported by the Management frames, including possible
authentication steps in the process.
the link. The establishment of a BSS through the process of discovery and
association is supported by the Management frames, including possible
authentication steps in the process.
It is beyond the scope of this brief introduction to describe the details of
these frames and their usage in the 802.11 protocol. If you are interested in
additional details, you can consult the following websites:
these frames and their usage in the 802.11 protocol. If you are interested in
additional details, you can consult the following websites:
http://standards.ieee.org/getieee802/802.11.html
http://www.wi-fiplanet.com/tutorials/article.php/1447501
http://technet2.microsoft.com/WindowsServer/en/library/370b019f-711f-
4d5a-8b1e-4289db0bcafd1033.mspx?mfr=true
4d5a-8b1e-4289db0bcafd1033.mspx?mfr=true
Another good source is the book 802.11® Wireless Networks: The
Definitive Guide (2
Definitive Guide (2
nd
Edition)
by Matthew Gast (ISBN-10 0-596-10052-
3).
How AirPcap Adapters Operate
The AirPcap adapter captures the traffic on a single channel at a time; the
channel setting for the AirPcap adapter can be changed using the AirPcap
Control Panel, or from the “Advanced Wireless Settings” dialog in
Wireshark. Depending on the capabilities of your AirPcap adapter, it can
be set to any valid 802.11a/b/g/n channel for packet capture.
channel setting for the AirPcap adapter can be changed using the AirPcap
Control Panel, or from the “Advanced Wireless Settings” dialog in
Wireshark. Depending on the capabilities of your AirPcap adapter, it can
be set to any valid 802.11a/b/g/n channel for packet capture.
All of the AirPcap adapters can operate in a completely passive mode.
This means that they can capture the traffic on a channel without
associating with an access point, or interacting with any other wireless
device. Unless you are transmitting with either AirPcapTx
This means that they can capture the traffic on a channel without
associating with an access point, or interacting with any other wireless
device. Unless you are transmitting with either AirPcapTx
or AirPcap Ex,
none of the adapters is detectable by any other wireless station.
The AirPcap adapters can work in, so called, Monitor Mode. In this mode,
the AirPcap adapter will capture all of the frames that are transferred on a
channel, not just frames that are addressed to it. This includes data frames,
control frames and management frames.
the AirPcap adapter will capture all of the frames that are transferred on a
channel, not just frames that are addressed to it. This includes data frames,
control frames and management frames.
When more than one BSS shares the same channel, the AirPcap adapter
will capture the data, control and management frames from all of the BSSs
that are sharing the channel and that are within range of the AirPcap
adapter.
will capture the data, control and management frames from all of the BSSs
that are sharing the channel and that are within range of the AirPcap
adapter.
The AirPcap software can optionally be configured to decrypt WEP-
encrypted frames. An arbitrary number of keys can be configured in the
driver at the same time, so that the driver can decrypt the traffic of more
than one access point at the same time. WPA and WPA2 support is
handled by applications such as Wireshark and Aircrack-ng. See the
encrypted frames. An arbitrary number of keys can be configured in the
driver at the same time, so that the driver can decrypt the traffic of more
than one access point at the same time. WPA and WPA2 support is
handled by applications such as Wireshark and Aircrack-ng. See the