day 3 Flashcards
important parts of an 802.11 frame
..
address 1-4
1 MAC: Acknowledgement (destination)
2 MAC: Rare
3 MAC: Source MAC, Destination MAC, BSSID (most common!)
4 MAC: sending bridge, receiving bridge, source MAC, destination MAC
frame body
the maximum amount of data in a legacy 802.11 frame is 2304 bytes
802.11 frame types
….
management frames
connect and disconnect from a network
all management and control frames are sent in plaintext, even in a network protected by encryption.
e.g. beacon frame (management frame)
probe response frame (contains client and AP MACs)
802.11w
ratified to increase the security of management frames
control frames
help deliver data frames
e.g. acknowledgement (ACK) frame, a type of control frame
data frames
can be encrypted (the only one of the 3 frame types that can be)
wireless CO methodology
…
cyberspace ISR
focuses on tactical/operational intelligence and mapping adversary cyberspace to support military planning.
Made up of intel gathering and analysis/reporting
most time consuming!
survey
the focus of surveys is to get as much information about every available wireless network as possible.
(gather intel about networks)
use omnidirectional antennas.
the focus is on management frames (beacons)
collection
the goal of collection is to record specific intelligence from targets.
(gather intel on specific target using semidirectional antenna)
use of appropriate directional antennas and amplifiers increases the minimum distance needed from a target
a good fixed collection site has these three attributes:
- strong receive signal
- stealth
- safety
analysis and reporting…
at a minimum, analysts should ask themselves:
- what do I know
- what else do I need to know
- who do I tell
target nomination and intel gain/loss assessment
phase where a decision will be made to perform cyberspace OPE or OCO against a target