How to know what type of security a particular Wi-Fi is using, without connecting?
As we know, Wi-Fi APs can make use of different encryption schemes such as WEP, WPA, and WPA2. How can we detect this without connecting to the AP?
In other words, I want to know that what type of encryption protocol a particular Wi-Fi AP is running?
I have sniffing tools, but I do not know in what frame this information is transmitted by AP.
wireless-networking encryption wireless-access-point wpa wpa2
New contributor
add a comment |
As we know, Wi-Fi APs can make use of different encryption schemes such as WEP, WPA, and WPA2. How can we detect this without connecting to the AP?
In other words, I want to know that what type of encryption protocol a particular Wi-Fi AP is running?
I have sniffing tools, but I do not know in what frame this information is transmitted by AP.
wireless-networking encryption wireless-access-point wpa wpa2
New contributor
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00
add a comment |
As we know, Wi-Fi APs can make use of different encryption schemes such as WEP, WPA, and WPA2. How can we detect this without connecting to the AP?
In other words, I want to know that what type of encryption protocol a particular Wi-Fi AP is running?
I have sniffing tools, but I do not know in what frame this information is transmitted by AP.
wireless-networking encryption wireless-access-point wpa wpa2
New contributor
As we know, Wi-Fi APs can make use of different encryption schemes such as WEP, WPA, and WPA2. How can we detect this without connecting to the AP?
In other words, I want to know that what type of encryption protocol a particular Wi-Fi AP is running?
I have sniffing tools, but I do not know in what frame this information is transmitted by AP.
wireless-networking encryption wireless-access-point wpa wpa2
wireless-networking encryption wireless-access-point wpa wpa2
New contributor
New contributor
edited Jan 8 at 21:45
Spiff
76.7k10117163
76.7k10117163
New contributor
asked Jan 8 at 7:54
Umair AnwarUmair Anwar
1
1
New contributor
New contributor
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00
add a comment |
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00
add a comment |
1 Answer
1
active
oldest
votes
Every Beacon frame contains a list of Information Elements (IEs), which are just TLV records. There are two IEs that may be present and may contain information about which security modes are available on this AP.
The older one is known as the "WPA IE", and is present if original WPA is supported.
The newer one is known as the "RSN IE", and is present if WPA2 is supported, or if any other subset of IEEE 802.11i "Robust Security Networking (RSN)" is supported.
Wireshark can decode both of those IEs for you. Just use Wireshark in 802.11 Monitor Mode to capture management frames, tune your capture radio to the channel your target AP is on, and capture some Beacon frames from that AP.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Umair Anwar is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1391789%2fhow-to-know-what-type-of-security-a-particular-wi-fi-is-using-without-connectin%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Every Beacon frame contains a list of Information Elements (IEs), which are just TLV records. There are two IEs that may be present and may contain information about which security modes are available on this AP.
The older one is known as the "WPA IE", and is present if original WPA is supported.
The newer one is known as the "RSN IE", and is present if WPA2 is supported, or if any other subset of IEEE 802.11i "Robust Security Networking (RSN)" is supported.
Wireshark can decode both of those IEs for you. Just use Wireshark in 802.11 Monitor Mode to capture management frames, tune your capture radio to the channel your target AP is on, and capture some Beacon frames from that AP.
add a comment |
Every Beacon frame contains a list of Information Elements (IEs), which are just TLV records. There are two IEs that may be present and may contain information about which security modes are available on this AP.
The older one is known as the "WPA IE", and is present if original WPA is supported.
The newer one is known as the "RSN IE", and is present if WPA2 is supported, or if any other subset of IEEE 802.11i "Robust Security Networking (RSN)" is supported.
Wireshark can decode both of those IEs for you. Just use Wireshark in 802.11 Monitor Mode to capture management frames, tune your capture radio to the channel your target AP is on, and capture some Beacon frames from that AP.
add a comment |
Every Beacon frame contains a list of Information Elements (IEs), which are just TLV records. There are two IEs that may be present and may contain information about which security modes are available on this AP.
The older one is known as the "WPA IE", and is present if original WPA is supported.
The newer one is known as the "RSN IE", and is present if WPA2 is supported, or if any other subset of IEEE 802.11i "Robust Security Networking (RSN)" is supported.
Wireshark can decode both of those IEs for you. Just use Wireshark in 802.11 Monitor Mode to capture management frames, tune your capture radio to the channel your target AP is on, and capture some Beacon frames from that AP.
Every Beacon frame contains a list of Information Elements (IEs), which are just TLV records. There are two IEs that may be present and may contain information about which security modes are available on this AP.
The older one is known as the "WPA IE", and is present if original WPA is supported.
The newer one is known as the "RSN IE", and is present if WPA2 is supported, or if any other subset of IEEE 802.11i "Robust Security Networking (RSN)" is supported.
Wireshark can decode both of those IEs for you. Just use Wireshark in 802.11 Monitor Mode to capture management frames, tune your capture radio to the channel your target AP is on, and capture some Beacon frames from that AP.
answered Jan 8 at 21:56
SpiffSpiff
76.7k10117163
76.7k10117163
add a comment |
add a comment |
Umair Anwar is a new contributor. Be nice, and check out our Code of Conduct.
Umair Anwar is a new contributor. Be nice, and check out our Code of Conduct.
Umair Anwar is a new contributor. Be nice, and check out our Code of Conduct.
Umair Anwar is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1391789%2fhow-to-know-what-type-of-security-a-particular-wi-fi-is-using-without-connectin%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
@LPChip Supported security modes are broadcast in the clear in every beacon. No challenge necessary. A fake connection attempt would only be necessary to get deeper details; like if the beacon said 802.1X would be required, you'd need to do a fake connection attempt to find out which EAP methods are supported. But from beacons you can get the list of supported ciphers and whether it's PSK or 802.1X authentication.
– Spiff
Jan 8 at 22:00