Deauthentication

 Deauthentication 

Type: 00

Subtype: 1100


    Deauthentication frames are different from Disassociation frames as they will force a client to completely renegotiate the connection/ reset the 802.11 state machine. Deauthenticating a client can sometimes be useful in troubleshooting if you need to recreate a problem as the client will start the connection from scratch, allowing you to capture all frames from the beginning of the conversation.

    Deauthentication frames can be sent broadcast or unicast from the AP or unicast by a client. The client's ability to send deauthentication frames means it is important to use protected management frames, so users on your network do not become victims of a deauthentication attack from a spoofed sender.


    Below is a deauthentication frame from a packet capture:


    There's not much to it. Note the reason code, there are reason codes 0-39 that will define why a client was deauthenticated. A few of these reasons are: Unspecified, 4-way handshake timeout, invalid pairwise cipher, unsupported RSNE version, 802.1X authentication failed, Requesting STA is leaving the BSS.

Simplified view of frame exchange:


You can also deauthenticate a client directly from a controller. For example, if you used the "Config Client Deauthenticate" command in Cisco:



Comments

Post a Comment

Popular posts from this blog

Following Design Processes

    It is important to use proper design methodology when designing wireless networks. WiFi has evolved numerous times since it was first implemented, yet I still see very outdated or flat out wrong ways of designing a wireless network. The biggest thing I find is that many places do not follow the design process when choosing to install a new or update an existing WLAN. Essentially we are throwing hardware at a design problem and expecting it to work. In this post, I'll cover the proper way to design a wireless network according to CWNP's guidance. Thank you CWDP-303 official study guide from CWNP for providing me with the ability to do so!  Define     This might be one of the most overlooked parts of the design process. This step in the process sets the foundation for a good, well thought out design. Instead of simply getting a floor plan and jumping straight into a network planner, let's understand who or what we are designing for. During this stage, meeting ...
Read more

Hamina Crash Course Video

Image
  45 minute crash course in using Hamina. The skills learned here can be transferable to other wireless design tools as well. Let me know what you think! This is the longest video I've made so far and I hope it can help new/aspiring engineers get comfortable with wireless design tools. Wow this post got some traction and shares on Linkedin! I'm relieved the community is welcoming of new amateur creators!! https://www.linkedin.com/feed/update/urn:li:activity:7168416689007644672/  
Read more