Wireless Security
Vendor specific information elements Apr 06 2009 07:48AM
Asier Martínez (axierr gmail com) (1 replies)
Re: Vendor specific information elements Apr 06 2009 01:17PM
Joshua Wright (jwright hasborg com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Asier Martínez wrote:
> recently I was doing some wireless security test in various vendor
> networks. In all of them, I found a lot of "unknown" information
> elements specific from some vendors ( like CCX Aironet, etc..).
> I was wondering if there is some kind of list of this IE tags
> somewhere, I tried several commercial sniffers and Wireshark seems to
> be the most complete doing this work. For the moment the only
> information I was able to find is in the wireshark source code.

Unfortunately, there isn't a great source of information here. I've
been able to derive interesting information from various tags (such as
the AP or controller IP address information), but often the data is a
mystery.

When looking at vendor IE tags, make sure you look at authentication and
association response, probe response tags as well as beacon tags. Not
all vendors include the same information in different frame types.

- -Josh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iEYEARECAAYFAknaAP0ACgkQapC4Te3oxYxeagCgjpvurzJ6oP8ybheCmTWVTjcX
ZSUAn3EaLx8bjuttyceYf+Qwoyx+x3xH
=VnPQ
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus