MY80211
INTEL WIRELESS
CCIE Wireless V3
Cisco Wireless
Wired Stuff
CCIE Wireless v2
WiFi Tablet Corner
My80211 Projects
WiFi Tools
CWNP or BUST Blogs!
My80211 White Papers (Coming Soon!)

Cisco Wireless Compatibility Matrix (Nov. 2011)

Archives - 802.1X Labs
Podcasts / Videos

My80211 Videos

Cisco: 802 11 frames with Cisco VIP George Stefanick

Fluke Networks: Minimize Wi Fi Network Downtime

Aruba: Packets never lie: An in-depth overview of 802.11 frames

ATM15 Ten Talk “Wifi drivers and devices”

Houston Methodist Innovates with Wireless Technology

Bruce Frederick Antennas (1/2)

 

Bruce Frederick dB,dBi,dBd (2/2)

Cisco AP Group Nugget

Info
Social Links
Revolution WiFi Capacity Planner

Blogroll Call
Cerification Guides and Books
IEEE 802.11 STANDARDS
Anchor / Office Extends Ports

 

Peek Inside Cisco's Gear

See inside Cisco's latest wireless gear!

2.4 GHz Channel Overlap

EXAMPLE 1  

EXAMPLE 2

EXAMPLE 3  

CWSP RELEASE DATE 2/08/2010
  • CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    by David D. Coleman, David A. Westcott, Bryan E. Harkins, Shawn M. Jackman

    Shawn Jackman (Jack) CWNE#54 is a personal friend and has been a mentor to me for many years.  I've had the pleasure and opportunity to work with Jack for 4 years. Jack is a great teacher who takes complex 802.11 standards and breaks them down so almost anyone can understand the concept at hand. I'm excited for you brother. Great job and job well done! Put another notch in the belt!

IEEE 802.11a/g/n Reference Sheet

 

LWAPP QoS Packet Tagging

 

 

Interference Types

BLUETOOTH
 

Microwave Oven
 

Cordless Phone

JAMMER!
 

« GEORGE STEFANICK - CWSP JOURNEY, (CHAPTER 5 – KEYS POST#4)- 9/10/2010 | Main | Cisco ACS Appliance / Solution Engine Not Responding To Pings?? »
Sunday
Jul042010

George Stefanick - CWSP Journey, (Chapter 5 – RSN POST#2) - 7/4/2010

DateSunday, July 4, 2010 at 4:40PM

  

George Stefanick - CWSP Journey, (Chapter 5 – RSN  POST#2) - 7/4/2010

RSN stands for (Robust Security Network) which was defined in the 802.11i - 2004 standard. This was later rolled under the 802.11-2007 standard (clause 8).  The purpose of RSN is to provide stronger encryption and authentication methods.

RSNA stands for (Robust Security Network Association). RSNA requires (2) 802.11 stations to establish procedures to authenticate and associate with each other as well as create dynamic encryption keys through the 4-way handshake. *Note an access point is also a referenced as a station* The 802.11-2007 standard defines two classes of security methods pre-RSNA and RSNA.  RSNA security methods use either TKIP/RC4 or CCMP/AES.  This leads me to believe that WPA/TKIP is a RSNA as well. Although not under the RSNIE.

RSNIE stands for (Robust Security Network Information Element). RSNIE is the information element found in certain management frames. The purpose of this information element is to show station compatibilities. RSNIE can identify encryption capabilities and authentication type (802.1X/EAP) and (PSK)

NOTE: There are ONLY 4 types of 802.11 frames that contain the RSN Information Element (RSNIE). Remember (2) of these packets come from the (BSS) access point and (2) of them come from the station. The following FRAMES contain the RSNIE (RSN INFORMATION ELEMENT) when WPA2 / 802.11i is enabled on the BSS.

ACCESS POINT (BSS): BEACON and PROBE RESPONSE frames
CLIENT (Station) : ASSOCIATION RESPONSE and REASSOCIATION RESPONSE frames

Pre-RSN stands for (Pre-Robust Security Network).  A pre-RSN uses static or dynamic WEP keys. Anything WEP is considered Pre-RSN.  

TSN stands for (Transition Security Network).  TSN supports both RSN and  pre-RSN legacy authentication and encryption on the same BSS. Example – Think of WEP with  WPA and/or WPA2 enabled on the same BSS. Pre-RSN +  RSN = TSN

 Below is the RSNIE

 

RSNIE is enabled when you choose WPA2 (personal  (PSK) or enterprise(802.1X/EAP))

Example #1  WPA/TKIP  

Note WPA / TKIP is enabled on this BSS. The WPA information element is populated as you can see. Notice you won’t see an RSNIE.  WPA is part of RSN, the sniffer just isnt labling it as such. 

Example#2  WPA/AES 

Note WPA / AES is enabled on this BSS. The WPA information element is populated.  Notice you won’t see an RSNIE even though AES is enable. WPA is part of RSN, the sniffer just isnt labling it as such. 

 

Example#3  WPA2/TKIP 

WPA2 / TKIP is enabled on this BSS. The RSN information element is populated.  Note you don’t see the WPA information element. Rather you see the RSN element becuase WPA2 was selected. 

Example#4 – WPA2/AES 

Note WPA2 / AES is enabled on this BSS. The RSN information element is populated.  Note you don’t see the WPA information element, because WPA is not selected.

 

 

Example#5   TSN (Transition Security Network) WEP , WPA/WPA2 (TKIP/AES)

This is an example of a single BSS allowing pre-RSN (WEP) and RSN clients. This becomes beneficial when you want to migrate from WEP to a more secure wireless network such as WPA2.   

 

 

AuthorGeorge | CommentPost a Comment |

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.