I'm doing a little Pen-Testing using my Laptop, phone (HTC Droid), and Desktop with a Wireless NIC.
When running Wireshark while my HTC Droid and Laptop are unassociated with a wireless network, I'm not picking up any Probes from any of these devices. The only traffic I'm seeing from them are null Broadcast frames that are announcing their presence.
Is there something I'm doing wrong, something I'm unaware of, or are my devices simply not broadcasting networks that are in its PNL (preferred network list) or cached networks?
P.S. On another note, the only time I see a Probe Request to any particular Access Point is when my laptop is actually associated to that Access Point.
asked 30 Aug '11, 14:10
edited 30 Aug '11, 14:19
Basically there is no need for wireless devices to probe networks just to see which are available. Every access point periodically sends out Beacon Frames (10 per second), from which the wireless clients can read all neccessary information like channel, SSID name, Encryption settings etc.
IF you have a wireless network not sending it's SSID in plaintext (hidden SSID), then your wireless device of course can't see it the network if there. For that + other reasons (on windows OS) networks in your PNL get probed to see if there is a probe response from the AP (meaning the network is in range). Why your HTC behaves different -> sorry no idea
So basically it's beacon frames every 100ms from every AP with or without plaintext SSID. Then when a client wants to connect you have the wireless 'handshake'
answered 31 Aug '11, 07:58