Can My Sniffer Smell 802.11n?By CWNP On 08/31/2007 - 3 Comments
With 802.11n certified devices popping up all over the place (most due to the Wi-Fi Alliance's new certification testing), how long will it be before 802.11n APs become rogues? Well, that's already happened. How do we detect them? Fortunately, backwards compatibility is mandatory in 802.11n devices. DSSS/CCK (when using 2.4 GHz) or clause 17 OFDM rates (when using 5 GHz) are used for Beacons when either 20 MHz mode or 20/40 MHz mode is used. While Space-Time Block Coded (STBC) Beacons are supported (called Secondary Beacons), legacy Beacons still must be transmitted as the primary Beacon.Data frames transmitted by 802.11n devices may or may not use STBC (and therefore be detected by 802.11a/g WIPS), but rest assured, at some point, even an STBC capable AP (and client device) will transmit non-STBC frames and be detected by the WIPS. Additionally, Transmit Beamforming (TxBF) functionality will make it a little more difficult for WIPS sensors to capture all of the data stream between an STBC client and STBC AP, but nevertheless, the point isn't to analyze rogue traffic but rather to eliminate it.