Questions for Wireshark Exercise – Download trace file


Questions for Wireshark Exercise – Download trace file

  1. Look at the first frame. What is the role of this frame in IEEE 802.11? Why is this frame not necessary in IEEE 802.3 Ethernet?
  2. Which device on the wireless LAN sends out the beacon frame? Based on this information, what is the MAC address of the wireless router?
  3. Based on the above question and the information in the beacon frame header fields, what information serves as the basic service set (BSS) identifier?
  4. The second packet in the capture is a probe request. What is the role of a probe-request frame in IEEE 802.11? Why is this frame not necessary in IEEE 802.3 Ethernet?
  5. Which device(s) send(s) out probe requests?
  6. What is the BSS ID of the destination in the probe request? What does this number signify?
  7. How are frames identified as beacon frames or probe-request frames or data frames? (Hint: look at the type/ subtype field.)
  8. Examine the MAC address fields in a few frames. What are the three MAC addresses included in all frames? Why is it necessary to include a third MAC address in 802.11 frames?
  9. Right-click an HTTP packet and select “Follow TCP stream.” What are the HTTP header fields in the first client request and the first server response? What are the values in these fields?
  10. Look up your etc\services file (In Windows, this file is usually located in C:\Windows\System32\drivers\etc). Which of these ports is a standard port? Paste the entire line from the etc\services file that contains information about this port.



Questions from the radio-header capture:

  1. Select any frame in the capture and expand all the sub-headers of the radiotap header (e.g., present flags and flags). What is the channel frequency at which the frame was transmitted?

The channel frequency is 2437 [BG 6]. The number 2437 indicates that the center frequency of the channel is 2.437 GHz. This may be compared to the information about wireless LAN channels, for example at

  1. Briefly describe the channels used by 802.11 b/g.

The 802.11 b/g technology divides the 2.4000–2.4835 GHz band into 13 channels, each of width 22 MHz but spaced only 5 MHz apart, with channel 1 centered on 2.412 GHz and 13 on 2.472 GHz. This isanalogous to the way radio and TV broadcast bands are sub-divided, to allow multiple stations to transmit simultaneously.Since the channels overlap, stations can only use every fourth or fifth channel without overlap. Therefore, base stations typically use channels 1, 6 and 11 to be able to operate independently of each other. Of course, as we have seen in the earlier questions, even if base stations do overlap, the frames include the BSS ID to help stations and access points to determine whether or not to process the frame. The only impact of using overlapping frequencies in 802.11 LANs is increased collisions (adapted from Wikipedia).

  1. Why is channel 6 one of the recommended channels for transmitting 802.11 wireless LAN data?

Channel 6 is one of the recommended channels for transmitting 802.11 wireless LAN data because it allows stations to transmit without overlapping with any other channel. This is possible if other overlapping base stations use channels 1 or 11.

  1. Was the frame transmitted using FHSS (Frequency Hopping Spread Spectrum) or OFDM (Orthogonal Frequency Division Multiplexing)?

From the flags in the channel-type field, we see that the frame was transmitted using OFDM (OFDM = true).