connection to AP after what stage? 802.11b protocol











up vote
1
down vote

favorite












I'm seeing several devices trying to connect to an AP (using wireshark), several send and receive the "Probe response" message (802.11)
enter image description here

But the don't even send the association request.
Why is that? does the connection considered to be closed or open only after the probe response?

How did they know not to sent the association request?
Here is a response packet of a device that didn't sent a association request afterwords



Frame 442: 243 bytes on wire (1944 bits), 243 bytes captured (1944 bits) on interface 0
Interface id: 0 (\.airpcap00)
Encapsulation type: IEEE 802.11 plus radiotap radio header (23)
Arrival Time: Mar 18, 2014 21:32:31.171606000 Jerusalem Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1395171151.171606000 seconds
[Time delta from previous captured frame: 0.002142000 seconds]
[Time delta from previous displayed frame: 0.096003000 seconds]
[Time since reference or first frame: 13.290039000 seconds]
Frame Number: 442
Frame Length: 243 bytes (1944 bits)
Capture Length: 243 bytes (1944 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: radiotap:wlan_radio:wlan]
Radiotap Header v0, Length 20
Header revision: 0
Header pad: 0
Header length: 20
Present flags
Present flags word: 0x000018ee
Flags: 0x10
.... ...0 = CFP: False
.... ..0. = Preamble: Long
.... .0.. = WEP: False
.... 0... = Fragmentation: False
...1 .... = FCS at end: True
..0. .... = Data Pad: False
.0.. .... = Bad FCS: False
0... .... = Short GI: False
Data Rate: 1.0 Mb/s
Channel frequency: 2412 [BG 1]
Channel flags: 0x00a0, Complementary Code Keying (CCK), 2 GHz spectrum
Antenna signal: -70dBm
Antenna noise: -100dBm
Signal Quality: 76
Antenna: 0
dB antenna signal: 30dB
802.11 radio information
PHY type: 802.11b (4)
Short preamble: False
Data rate: 1.0 Mb/s
Channel: 1
Frequency: 2412MHz
Signal strength (dBm): -70dBm
Noise level (dBm): -100dBm
[Duration: 1976µs]
IEEE 802.11 Probe Response, Flags: ........C
Type/Subtype: Probe Response (0x0005)
Frame Control Field: 0x5000
.... ..00 = Version: 0
.... 00.. = Type: Management frame (0)
0101 .... = Subtype: 5
Flags: 0x00
.000 0001 0011 1010 = Duration: 314 microseconds
Receiver address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
Destination address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
Transmitter address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
Source address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
BSS Id: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
.... .... .... 0000 = Fragment number: 0
0010 1000 0011 .... = Sequence number: 643
Frame check sequence: 0xeb99cc98 [correct]
[FCS Status: Good]
IEEE 802.11 wireless LAN
Fixed parameters (12 bytes)
Timestamp: 0x0000008df2ce0b90
Beacon Interval: 0.102400 [Seconds]
Capabilities Information: 0x0411
.... .... .... ...1 = ESS capabilities: Transmitter is an AP
.... .... .... ..0. = IBSS status: Transmitter belongs to a BSS
.... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x00)
.... .... ...1 .... = Privacy: AP/STA can support WEP
.... .... ..0. .... = Short Preamble: Not Allowed
.... .... .0.. .... = PBCC: Not Allowed
.... .... 0... .... = Channel Agility: Not in use
.... ...0 .... .... = Spectrum Management: Not Implemented
.... .1.. .... .... = Short Slot Time: In use
.... 0... .... .... = Automatic Power Save Delivery: Not Implemented
...0 .... .... .... = Radio Measurement: Not Implemented
..0. .... .... .... = DSSS-OFDM: Not Allowed
.0.. .... .... .... = Delayed Block Ack: Not Implemented
0... .... .... .... = Immediate Block Ack: Not Implemented
Tagged parameters (183 bytes)
Tag: SSID parameter set: HOTBOX-9810
Tag Number: SSID parameter set (0)
Tag length: 11
SSID: HOTBOX-9810
Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 18, 24, 36, 54, [Mbit/sec]
Tag Number: Supported Rates (1)
Tag length: 8
Supported Rates: 1(B) (0x82)
Supported Rates: 2(B) (0x84)
Supported Rates: 5.5(B) (0x8b)
Supported Rates: 11(B) (0x96)
Supported Rates: 18 (0x24)
Supported Rates: 24 (0x30)
Supported Rates: 36 (0x48)
Supported Rates: 54 (0x6c)
Tag: DS Parameter set: Current Channel: 1
Tag Number: DS Parameter set (3)
Tag length: 1
Current Channel: 1
Tag: ERP Information
Tag Number: ERP Information (42)
Tag length: 1
ERP Information: 0x00
Tag: ERP Information
Tag Number: ERP Information (47)
Tag length: 1
ERP Information: 0x00
Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 24
RSN Version: 1
Group Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
Pairwise Cipher Suite Count: 2
Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM) 00:0f:ac (Ieee 802.11) TKIP
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) PSK
RSN Capabilities: 0x000c
Tag: Extended Supported Rates 6, 9, 12, 48, [Mbit/sec]
Tag Number: Extended Supported Rates (50)
Tag length: 4
Extended Supported Rates: 6 (0x0c)
Extended Supported Rates: 9 (0x12)
Extended Supported Rates: 12 (0x18)
Extended Supported Rates: 48 (0x60)
Tag: HT Capabilities (802.11n D1.10)
Tag Number: HT Capabilities (802.11n D1.10) (45)
Tag length: 26
HT Capabilities Info: 0x18fc
A-MPDU Parameters: 0x1b
Rx Supported Modulation and Coding Scheme Set: MCS Set
HT Extended Capabilities: 0x0000
Transmit Beam Forming (TxBF) Capabilities: 0x00000000
Antenna Selection (ASEL) Capabilities: 0x00
Tag: HT Information (802.11n D1.10)
Tag Number: HT Information (802.11n D1.10) (61)
Tag length: 22
Primary Channel: 1
HT Information Subset (1 of 3): 0x08
HT Information Subset (2 of 3): 0x0004
HT Information Subset (3 of 3): 0x0000
Rx Supported Modulation and Coding Scheme Set: Basic MCS Set
Tag: Vendor Specific: Broadcom
Tag Number: Vendor Specific (221)
Tag length: 9
OUI: 00:10:18 (Broadcom)
Vendor Specific OUI Type: 2
Vendor Specific Data: 0201f02c0000
Tag: Vendor Specific: Microsoft Corp.: WPA Information Element
Tag Number: Vendor Specific (221)
Tag length: 28
OUI: 00:50:f2 (Microsoft Corp.)
Vendor Specific OUI Type: 1
Type: WPA Information Element (0x01)
WPA Version: 1
Multicast Cipher Suite: 00:50:f2 (Microsoft Corp.) TKIP
Unicast Cipher Suite Count: 2
Unicast Cipher Suite List 00:50:f2 (Microsoft Corp.) AES (CCM) 00:50:f2 (Microsoft Corp.) TKIP
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00:50:f2 (Microsoft Corp.) PSK
Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element
Tag Number: Vendor Specific (221)
Tag length: 24
OUI: 00:50:f2 (Microsoft Corp.)
Vendor Specific OUI Type: 2
Type: WMM/WME (0x02)
WME Subtype: Parameter Element (1)
WME Version: 1
WME QoS Info: 0x80
Reserved: 00
Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin/max 3/4 (CWmin/max 7/15), TXOP 94
Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin/max 2/3 (CWmin/max 3/7), TXOP 47









share|improve this question


























    up vote
    1
    down vote

    favorite












    I'm seeing several devices trying to connect to an AP (using wireshark), several send and receive the "Probe response" message (802.11)
    enter image description here

    But the don't even send the association request.
    Why is that? does the connection considered to be closed or open only after the probe response?

    How did they know not to sent the association request?
    Here is a response packet of a device that didn't sent a association request afterwords



    Frame 442: 243 bytes on wire (1944 bits), 243 bytes captured (1944 bits) on interface 0
    Interface id: 0 (\.airpcap00)
    Encapsulation type: IEEE 802.11 plus radiotap radio header (23)
    Arrival Time: Mar 18, 2014 21:32:31.171606000 Jerusalem Standard Time
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1395171151.171606000 seconds
    [Time delta from previous captured frame: 0.002142000 seconds]
    [Time delta from previous displayed frame: 0.096003000 seconds]
    [Time since reference or first frame: 13.290039000 seconds]
    Frame Number: 442
    Frame Length: 243 bytes (1944 bits)
    Capture Length: 243 bytes (1944 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: radiotap:wlan_radio:wlan]
    Radiotap Header v0, Length 20
    Header revision: 0
    Header pad: 0
    Header length: 20
    Present flags
    Present flags word: 0x000018ee
    Flags: 0x10
    .... ...0 = CFP: False
    .... ..0. = Preamble: Long
    .... .0.. = WEP: False
    .... 0... = Fragmentation: False
    ...1 .... = FCS at end: True
    ..0. .... = Data Pad: False
    .0.. .... = Bad FCS: False
    0... .... = Short GI: False
    Data Rate: 1.0 Mb/s
    Channel frequency: 2412 [BG 1]
    Channel flags: 0x00a0, Complementary Code Keying (CCK), 2 GHz spectrum
    Antenna signal: -70dBm
    Antenna noise: -100dBm
    Signal Quality: 76
    Antenna: 0
    dB antenna signal: 30dB
    802.11 radio information
    PHY type: 802.11b (4)
    Short preamble: False
    Data rate: 1.0 Mb/s
    Channel: 1
    Frequency: 2412MHz
    Signal strength (dBm): -70dBm
    Noise level (dBm): -100dBm
    [Duration: 1976µs]
    IEEE 802.11 Probe Response, Flags: ........C
    Type/Subtype: Probe Response (0x0005)
    Frame Control Field: 0x5000
    .... ..00 = Version: 0
    .... 00.. = Type: Management frame (0)
    0101 .... = Subtype: 5
    Flags: 0x00
    .000 0001 0011 1010 = Duration: 314 microseconds
    Receiver address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
    Destination address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
    Transmitter address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
    Source address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
    BSS Id: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
    .... .... .... 0000 = Fragment number: 0
    0010 1000 0011 .... = Sequence number: 643
    Frame check sequence: 0xeb99cc98 [correct]
    [FCS Status: Good]
    IEEE 802.11 wireless LAN
    Fixed parameters (12 bytes)
    Timestamp: 0x0000008df2ce0b90
    Beacon Interval: 0.102400 [Seconds]
    Capabilities Information: 0x0411
    .... .... .... ...1 = ESS capabilities: Transmitter is an AP
    .... .... .... ..0. = IBSS status: Transmitter belongs to a BSS
    .... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x00)
    .... .... ...1 .... = Privacy: AP/STA can support WEP
    .... .... ..0. .... = Short Preamble: Not Allowed
    .... .... .0.. .... = PBCC: Not Allowed
    .... .... 0... .... = Channel Agility: Not in use
    .... ...0 .... .... = Spectrum Management: Not Implemented
    .... .1.. .... .... = Short Slot Time: In use
    .... 0... .... .... = Automatic Power Save Delivery: Not Implemented
    ...0 .... .... .... = Radio Measurement: Not Implemented
    ..0. .... .... .... = DSSS-OFDM: Not Allowed
    .0.. .... .... .... = Delayed Block Ack: Not Implemented
    0... .... .... .... = Immediate Block Ack: Not Implemented
    Tagged parameters (183 bytes)
    Tag: SSID parameter set: HOTBOX-9810
    Tag Number: SSID parameter set (0)
    Tag length: 11
    SSID: HOTBOX-9810
    Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 18, 24, 36, 54, [Mbit/sec]
    Tag Number: Supported Rates (1)
    Tag length: 8
    Supported Rates: 1(B) (0x82)
    Supported Rates: 2(B) (0x84)
    Supported Rates: 5.5(B) (0x8b)
    Supported Rates: 11(B) (0x96)
    Supported Rates: 18 (0x24)
    Supported Rates: 24 (0x30)
    Supported Rates: 36 (0x48)
    Supported Rates: 54 (0x6c)
    Tag: DS Parameter set: Current Channel: 1
    Tag Number: DS Parameter set (3)
    Tag length: 1
    Current Channel: 1
    Tag: ERP Information
    Tag Number: ERP Information (42)
    Tag length: 1
    ERP Information: 0x00
    Tag: ERP Information
    Tag Number: ERP Information (47)
    Tag length: 1
    ERP Information: 0x00
    Tag: RSN Information
    Tag Number: RSN Information (48)
    Tag length: 24
    RSN Version: 1
    Group Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
    Pairwise Cipher Suite Count: 2
    Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM) 00:0f:ac (Ieee 802.11) TKIP
    Auth Key Management (AKM) Suite Count: 1
    Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) PSK
    RSN Capabilities: 0x000c
    Tag: Extended Supported Rates 6, 9, 12, 48, [Mbit/sec]
    Tag Number: Extended Supported Rates (50)
    Tag length: 4
    Extended Supported Rates: 6 (0x0c)
    Extended Supported Rates: 9 (0x12)
    Extended Supported Rates: 12 (0x18)
    Extended Supported Rates: 48 (0x60)
    Tag: HT Capabilities (802.11n D1.10)
    Tag Number: HT Capabilities (802.11n D1.10) (45)
    Tag length: 26
    HT Capabilities Info: 0x18fc
    A-MPDU Parameters: 0x1b
    Rx Supported Modulation and Coding Scheme Set: MCS Set
    HT Extended Capabilities: 0x0000
    Transmit Beam Forming (TxBF) Capabilities: 0x00000000
    Antenna Selection (ASEL) Capabilities: 0x00
    Tag: HT Information (802.11n D1.10)
    Tag Number: HT Information (802.11n D1.10) (61)
    Tag length: 22
    Primary Channel: 1
    HT Information Subset (1 of 3): 0x08
    HT Information Subset (2 of 3): 0x0004
    HT Information Subset (3 of 3): 0x0000
    Rx Supported Modulation and Coding Scheme Set: Basic MCS Set
    Tag: Vendor Specific: Broadcom
    Tag Number: Vendor Specific (221)
    Tag length: 9
    OUI: 00:10:18 (Broadcom)
    Vendor Specific OUI Type: 2
    Vendor Specific Data: 0201f02c0000
    Tag: Vendor Specific: Microsoft Corp.: WPA Information Element
    Tag Number: Vendor Specific (221)
    Tag length: 28
    OUI: 00:50:f2 (Microsoft Corp.)
    Vendor Specific OUI Type: 1
    Type: WPA Information Element (0x01)
    WPA Version: 1
    Multicast Cipher Suite: 00:50:f2 (Microsoft Corp.) TKIP
    Unicast Cipher Suite Count: 2
    Unicast Cipher Suite List 00:50:f2 (Microsoft Corp.) AES (CCM) 00:50:f2 (Microsoft Corp.) TKIP
    Auth Key Management (AKM) Suite Count: 1
    Auth Key Management (AKM) List 00:50:f2 (Microsoft Corp.) PSK
    Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element
    Tag Number: Vendor Specific (221)
    Tag length: 24
    OUI: 00:50:f2 (Microsoft Corp.)
    Vendor Specific OUI Type: 2
    Type: WMM/WME (0x02)
    WME Subtype: Parameter Element (1)
    WME Version: 1
    WME QoS Info: 0x80
    Reserved: 00
    Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
    Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
    Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin/max 3/4 (CWmin/max 7/15), TXOP 94
    Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin/max 2/3 (CWmin/max 3/7), TXOP 47









    share|improve this question
























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I'm seeing several devices trying to connect to an AP (using wireshark), several send and receive the "Probe response" message (802.11)
      enter image description here

      But the don't even send the association request.
      Why is that? does the connection considered to be closed or open only after the probe response?

      How did they know not to sent the association request?
      Here is a response packet of a device that didn't sent a association request afterwords



      Frame 442: 243 bytes on wire (1944 bits), 243 bytes captured (1944 bits) on interface 0
      Interface id: 0 (\.airpcap00)
      Encapsulation type: IEEE 802.11 plus radiotap radio header (23)
      Arrival Time: Mar 18, 2014 21:32:31.171606000 Jerusalem Standard Time
      [Time shift for this packet: 0.000000000 seconds]
      Epoch Time: 1395171151.171606000 seconds
      [Time delta from previous captured frame: 0.002142000 seconds]
      [Time delta from previous displayed frame: 0.096003000 seconds]
      [Time since reference or first frame: 13.290039000 seconds]
      Frame Number: 442
      Frame Length: 243 bytes (1944 bits)
      Capture Length: 243 bytes (1944 bits)
      [Frame is marked: False]
      [Frame is ignored: False]
      [Protocols in frame: radiotap:wlan_radio:wlan]
      Radiotap Header v0, Length 20
      Header revision: 0
      Header pad: 0
      Header length: 20
      Present flags
      Present flags word: 0x000018ee
      Flags: 0x10
      .... ...0 = CFP: False
      .... ..0. = Preamble: Long
      .... .0.. = WEP: False
      .... 0... = Fragmentation: False
      ...1 .... = FCS at end: True
      ..0. .... = Data Pad: False
      .0.. .... = Bad FCS: False
      0... .... = Short GI: False
      Data Rate: 1.0 Mb/s
      Channel frequency: 2412 [BG 1]
      Channel flags: 0x00a0, Complementary Code Keying (CCK), 2 GHz spectrum
      Antenna signal: -70dBm
      Antenna noise: -100dBm
      Signal Quality: 76
      Antenna: 0
      dB antenna signal: 30dB
      802.11 radio information
      PHY type: 802.11b (4)
      Short preamble: False
      Data rate: 1.0 Mb/s
      Channel: 1
      Frequency: 2412MHz
      Signal strength (dBm): -70dBm
      Noise level (dBm): -100dBm
      [Duration: 1976µs]
      IEEE 802.11 Probe Response, Flags: ........C
      Type/Subtype: Probe Response (0x0005)
      Frame Control Field: 0x5000
      .... ..00 = Version: 0
      .... 00.. = Type: Management frame (0)
      0101 .... = Subtype: 5
      Flags: 0x00
      .000 0001 0011 1010 = Duration: 314 microseconds
      Receiver address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
      Destination address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
      Transmitter address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      Source address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      BSS Id: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      .... .... .... 0000 = Fragment number: 0
      0010 1000 0011 .... = Sequence number: 643
      Frame check sequence: 0xeb99cc98 [correct]
      [FCS Status: Good]
      IEEE 802.11 wireless LAN
      Fixed parameters (12 bytes)
      Timestamp: 0x0000008df2ce0b90
      Beacon Interval: 0.102400 [Seconds]
      Capabilities Information: 0x0411
      .... .... .... ...1 = ESS capabilities: Transmitter is an AP
      .... .... .... ..0. = IBSS status: Transmitter belongs to a BSS
      .... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x00)
      .... .... ...1 .... = Privacy: AP/STA can support WEP
      .... .... ..0. .... = Short Preamble: Not Allowed
      .... .... .0.. .... = PBCC: Not Allowed
      .... .... 0... .... = Channel Agility: Not in use
      .... ...0 .... .... = Spectrum Management: Not Implemented
      .... .1.. .... .... = Short Slot Time: In use
      .... 0... .... .... = Automatic Power Save Delivery: Not Implemented
      ...0 .... .... .... = Radio Measurement: Not Implemented
      ..0. .... .... .... = DSSS-OFDM: Not Allowed
      .0.. .... .... .... = Delayed Block Ack: Not Implemented
      0... .... .... .... = Immediate Block Ack: Not Implemented
      Tagged parameters (183 bytes)
      Tag: SSID parameter set: HOTBOX-9810
      Tag Number: SSID parameter set (0)
      Tag length: 11
      SSID: HOTBOX-9810
      Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 18, 24, 36, 54, [Mbit/sec]
      Tag Number: Supported Rates (1)
      Tag length: 8
      Supported Rates: 1(B) (0x82)
      Supported Rates: 2(B) (0x84)
      Supported Rates: 5.5(B) (0x8b)
      Supported Rates: 11(B) (0x96)
      Supported Rates: 18 (0x24)
      Supported Rates: 24 (0x30)
      Supported Rates: 36 (0x48)
      Supported Rates: 54 (0x6c)
      Tag: DS Parameter set: Current Channel: 1
      Tag Number: DS Parameter set (3)
      Tag length: 1
      Current Channel: 1
      Tag: ERP Information
      Tag Number: ERP Information (42)
      Tag length: 1
      ERP Information: 0x00
      Tag: ERP Information
      Tag Number: ERP Information (47)
      Tag length: 1
      ERP Information: 0x00
      Tag: RSN Information
      Tag Number: RSN Information (48)
      Tag length: 24
      RSN Version: 1
      Group Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
      Pairwise Cipher Suite Count: 2
      Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM) 00:0f:ac (Ieee 802.11) TKIP
      Auth Key Management (AKM) Suite Count: 1
      Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) PSK
      RSN Capabilities: 0x000c
      Tag: Extended Supported Rates 6, 9, 12, 48, [Mbit/sec]
      Tag Number: Extended Supported Rates (50)
      Tag length: 4
      Extended Supported Rates: 6 (0x0c)
      Extended Supported Rates: 9 (0x12)
      Extended Supported Rates: 12 (0x18)
      Extended Supported Rates: 48 (0x60)
      Tag: HT Capabilities (802.11n D1.10)
      Tag Number: HT Capabilities (802.11n D1.10) (45)
      Tag length: 26
      HT Capabilities Info: 0x18fc
      A-MPDU Parameters: 0x1b
      Rx Supported Modulation and Coding Scheme Set: MCS Set
      HT Extended Capabilities: 0x0000
      Transmit Beam Forming (TxBF) Capabilities: 0x00000000
      Antenna Selection (ASEL) Capabilities: 0x00
      Tag: HT Information (802.11n D1.10)
      Tag Number: HT Information (802.11n D1.10) (61)
      Tag length: 22
      Primary Channel: 1
      HT Information Subset (1 of 3): 0x08
      HT Information Subset (2 of 3): 0x0004
      HT Information Subset (3 of 3): 0x0000
      Rx Supported Modulation and Coding Scheme Set: Basic MCS Set
      Tag: Vendor Specific: Broadcom
      Tag Number: Vendor Specific (221)
      Tag length: 9
      OUI: 00:10:18 (Broadcom)
      Vendor Specific OUI Type: 2
      Vendor Specific Data: 0201f02c0000
      Tag: Vendor Specific: Microsoft Corp.: WPA Information Element
      Tag Number: Vendor Specific (221)
      Tag length: 28
      OUI: 00:50:f2 (Microsoft Corp.)
      Vendor Specific OUI Type: 1
      Type: WPA Information Element (0x01)
      WPA Version: 1
      Multicast Cipher Suite: 00:50:f2 (Microsoft Corp.) TKIP
      Unicast Cipher Suite Count: 2
      Unicast Cipher Suite List 00:50:f2 (Microsoft Corp.) AES (CCM) 00:50:f2 (Microsoft Corp.) TKIP
      Auth Key Management (AKM) Suite Count: 1
      Auth Key Management (AKM) List 00:50:f2 (Microsoft Corp.) PSK
      Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element
      Tag Number: Vendor Specific (221)
      Tag length: 24
      OUI: 00:50:f2 (Microsoft Corp.)
      Vendor Specific OUI Type: 2
      Type: WMM/WME (0x02)
      WME Subtype: Parameter Element (1)
      WME Version: 1
      WME QoS Info: 0x80
      Reserved: 00
      Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
      Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
      Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin/max 3/4 (CWmin/max 7/15), TXOP 94
      Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin/max 2/3 (CWmin/max 3/7), TXOP 47









      share|improve this question













      I'm seeing several devices trying to connect to an AP (using wireshark), several send and receive the "Probe response" message (802.11)
      enter image description here

      But the don't even send the association request.
      Why is that? does the connection considered to be closed or open only after the probe response?

      How did they know not to sent the association request?
      Here is a response packet of a device that didn't sent a association request afterwords



      Frame 442: 243 bytes on wire (1944 bits), 243 bytes captured (1944 bits) on interface 0
      Interface id: 0 (\.airpcap00)
      Encapsulation type: IEEE 802.11 plus radiotap radio header (23)
      Arrival Time: Mar 18, 2014 21:32:31.171606000 Jerusalem Standard Time
      [Time shift for this packet: 0.000000000 seconds]
      Epoch Time: 1395171151.171606000 seconds
      [Time delta from previous captured frame: 0.002142000 seconds]
      [Time delta from previous displayed frame: 0.096003000 seconds]
      [Time since reference or first frame: 13.290039000 seconds]
      Frame Number: 442
      Frame Length: 243 bytes (1944 bits)
      Capture Length: 243 bytes (1944 bits)
      [Frame is marked: False]
      [Frame is ignored: False]
      [Protocols in frame: radiotap:wlan_radio:wlan]
      Radiotap Header v0, Length 20
      Header revision: 0
      Header pad: 0
      Header length: 20
      Present flags
      Present flags word: 0x000018ee
      Flags: 0x10
      .... ...0 = CFP: False
      .... ..0. = Preamble: Long
      .... .0.. = WEP: False
      .... 0... = Fragmentation: False
      ...1 .... = FCS at end: True
      ..0. .... = Data Pad: False
      .0.. .... = Bad FCS: False
      0... .... = Short GI: False
      Data Rate: 1.0 Mb/s
      Channel frequency: 2412 [BG 1]
      Channel flags: 0x00a0, Complementary Code Keying (CCK), 2 GHz spectrum
      Antenna signal: -70dBm
      Antenna noise: -100dBm
      Signal Quality: 76
      Antenna: 0
      dB antenna signal: 30dB
      802.11 radio information
      PHY type: 802.11b (4)
      Short preamble: False
      Data rate: 1.0 Mb/s
      Channel: 1
      Frequency: 2412MHz
      Signal strength (dBm): -70dBm
      Noise level (dBm): -100dBm
      [Duration: 1976µs]
      IEEE 802.11 Probe Response, Flags: ........C
      Type/Subtype: Probe Response (0x0005)
      Frame Control Field: 0x5000
      .... ..00 = Version: 0
      .... 00.. = Type: Management frame (0)
      0101 .... = Subtype: 5
      Flags: 0x00
      .000 0001 0011 1010 = Duration: 314 microseconds
      Receiver address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
      Destination address: SamsungE_74:b9:f9 (d0:22:be:74:b9:f9)
      Transmitter address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      Source address: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      BSS Id: Sagemcom_fb:5d:9d (00:78:9e:fb:5d:9d)
      .... .... .... 0000 = Fragment number: 0
      0010 1000 0011 .... = Sequence number: 643
      Frame check sequence: 0xeb99cc98 [correct]
      [FCS Status: Good]
      IEEE 802.11 wireless LAN
      Fixed parameters (12 bytes)
      Timestamp: 0x0000008df2ce0b90
      Beacon Interval: 0.102400 [Seconds]
      Capabilities Information: 0x0411
      .... .... .... ...1 = ESS capabilities: Transmitter is an AP
      .... .... .... ..0. = IBSS status: Transmitter belongs to a BSS
      .... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x00)
      .... .... ...1 .... = Privacy: AP/STA can support WEP
      .... .... ..0. .... = Short Preamble: Not Allowed
      .... .... .0.. .... = PBCC: Not Allowed
      .... .... 0... .... = Channel Agility: Not in use
      .... ...0 .... .... = Spectrum Management: Not Implemented
      .... .1.. .... .... = Short Slot Time: In use
      .... 0... .... .... = Automatic Power Save Delivery: Not Implemented
      ...0 .... .... .... = Radio Measurement: Not Implemented
      ..0. .... .... .... = DSSS-OFDM: Not Allowed
      .0.. .... .... .... = Delayed Block Ack: Not Implemented
      0... .... .... .... = Immediate Block Ack: Not Implemented
      Tagged parameters (183 bytes)
      Tag: SSID parameter set: HOTBOX-9810
      Tag Number: SSID parameter set (0)
      Tag length: 11
      SSID: HOTBOX-9810
      Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 18, 24, 36, 54, [Mbit/sec]
      Tag Number: Supported Rates (1)
      Tag length: 8
      Supported Rates: 1(B) (0x82)
      Supported Rates: 2(B) (0x84)
      Supported Rates: 5.5(B) (0x8b)
      Supported Rates: 11(B) (0x96)
      Supported Rates: 18 (0x24)
      Supported Rates: 24 (0x30)
      Supported Rates: 36 (0x48)
      Supported Rates: 54 (0x6c)
      Tag: DS Parameter set: Current Channel: 1
      Tag Number: DS Parameter set (3)
      Tag length: 1
      Current Channel: 1
      Tag: ERP Information
      Tag Number: ERP Information (42)
      Tag length: 1
      ERP Information: 0x00
      Tag: ERP Information
      Tag Number: ERP Information (47)
      Tag length: 1
      ERP Information: 0x00
      Tag: RSN Information
      Tag Number: RSN Information (48)
      Tag length: 24
      RSN Version: 1
      Group Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
      Pairwise Cipher Suite Count: 2
      Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM) 00:0f:ac (Ieee 802.11) TKIP
      Auth Key Management (AKM) Suite Count: 1
      Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) PSK
      RSN Capabilities: 0x000c
      Tag: Extended Supported Rates 6, 9, 12, 48, [Mbit/sec]
      Tag Number: Extended Supported Rates (50)
      Tag length: 4
      Extended Supported Rates: 6 (0x0c)
      Extended Supported Rates: 9 (0x12)
      Extended Supported Rates: 12 (0x18)
      Extended Supported Rates: 48 (0x60)
      Tag: HT Capabilities (802.11n D1.10)
      Tag Number: HT Capabilities (802.11n D1.10) (45)
      Tag length: 26
      HT Capabilities Info: 0x18fc
      A-MPDU Parameters: 0x1b
      Rx Supported Modulation and Coding Scheme Set: MCS Set
      HT Extended Capabilities: 0x0000
      Transmit Beam Forming (TxBF) Capabilities: 0x00000000
      Antenna Selection (ASEL) Capabilities: 0x00
      Tag: HT Information (802.11n D1.10)
      Tag Number: HT Information (802.11n D1.10) (61)
      Tag length: 22
      Primary Channel: 1
      HT Information Subset (1 of 3): 0x08
      HT Information Subset (2 of 3): 0x0004
      HT Information Subset (3 of 3): 0x0000
      Rx Supported Modulation and Coding Scheme Set: Basic MCS Set
      Tag: Vendor Specific: Broadcom
      Tag Number: Vendor Specific (221)
      Tag length: 9
      OUI: 00:10:18 (Broadcom)
      Vendor Specific OUI Type: 2
      Vendor Specific Data: 0201f02c0000
      Tag: Vendor Specific: Microsoft Corp.: WPA Information Element
      Tag Number: Vendor Specific (221)
      Tag length: 28
      OUI: 00:50:f2 (Microsoft Corp.)
      Vendor Specific OUI Type: 1
      Type: WPA Information Element (0x01)
      WPA Version: 1
      Multicast Cipher Suite: 00:50:f2 (Microsoft Corp.) TKIP
      Unicast Cipher Suite Count: 2
      Unicast Cipher Suite List 00:50:f2 (Microsoft Corp.) AES (CCM) 00:50:f2 (Microsoft Corp.) TKIP
      Auth Key Management (AKM) Suite Count: 1
      Auth Key Management (AKM) List 00:50:f2 (Microsoft Corp.) PSK
      Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element
      Tag Number: Vendor Specific (221)
      Tag length: 24
      OUI: 00:50:f2 (Microsoft Corp.)
      Vendor Specific OUI Type: 2
      Type: WMM/WME (0x02)
      WME Subtype: Parameter Element (1)
      WME Version: 1
      WME QoS Info: 0x80
      Reserved: 00
      Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
      Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin/max 4/10 (CWmin/max 15/1023), TXOP 0
      Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin/max 3/4 (CWmin/max 7/15), TXOP 94
      Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin/max 2/3 (CWmin/max 3/7), TXOP 47






      wireless ieee-802.11






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 16 at 16:50









      DsCpp

      1343




      1343






















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          3
          down vote



          accepted










          These devices are simply looking for available networks, not trying to associate with them. This is normal behavior for a device looking for networks and to determine what the AP capabilities are.



          The device won't send an association request until you tell it to connect to that network.






          share|improve this answer





















          • So only the devices the send the association request (and receive a respond) are the ones connected?
            – DsCpp
            Nov 16 at 16:57










          • Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
            – Ron Trunk
            Nov 16 at 17:06




















          up vote
          2
          down vote














          But the don't even send the association request. Why is that? does the connection considered to be closed or open only after the probe response?
          How did they know not to sent the association request?




          They are simply checking the availability of wireless networks around them. This does not necessarily indicate they actually want to join or associate to the network.



          When a wireless client is looking to join a wireless network (or check for the possibility of roaming to a new one), they send out probe requests. Often these are general in nature and how a device discovers which networks are around them. Think of it as the client device yelling, "Can any wireless networks hear me?"



          Probe requests can also be directed to particular networks. "Can network ABCXYZ hear me?" This is required with the SSID is "hidden" and is the default way many mobile devices try to reconnect to stored networks.



          When an access point hears a probe request, if the probe request is either general in nature or for the configured wireless network, it responds with a probe response. This behavior is defined by the IEEE standards for 802.11 networks. So your AP will always respond to any general probe request from a wireless client.



          You have likely experienced this yourself without realizing it. When you want to join a wireless device to a network, you have likely been presented with a list of wireless networks and selected the one you wanted to join. This list was generated largely from the probe responses the wireless client received from APs in the area when it sent out probe requests.



          All APs also advertise themselves with beacon frames periodically, which is the other way that clients can find wireless networks in the area. However this is a slower process for discovery, so the vast majority of clients use probe request/responses primarily for discovery.






          share|improve this answer





















            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "496"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f54776%2fconnection-to-ap-after-what-stage-802-11b-protocol%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            3
            down vote



            accepted










            These devices are simply looking for available networks, not trying to associate with them. This is normal behavior for a device looking for networks and to determine what the AP capabilities are.



            The device won't send an association request until you tell it to connect to that network.






            share|improve this answer





















            • So only the devices the send the association request (and receive a respond) are the ones connected?
              – DsCpp
              Nov 16 at 16:57










            • Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
              – Ron Trunk
              Nov 16 at 17:06

















            up vote
            3
            down vote



            accepted










            These devices are simply looking for available networks, not trying to associate with them. This is normal behavior for a device looking for networks and to determine what the AP capabilities are.



            The device won't send an association request until you tell it to connect to that network.






            share|improve this answer





















            • So only the devices the send the association request (and receive a respond) are the ones connected?
              – DsCpp
              Nov 16 at 16:57










            • Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
              – Ron Trunk
              Nov 16 at 17:06















            up vote
            3
            down vote



            accepted







            up vote
            3
            down vote



            accepted






            These devices are simply looking for available networks, not trying to associate with them. This is normal behavior for a device looking for networks and to determine what the AP capabilities are.



            The device won't send an association request until you tell it to connect to that network.






            share|improve this answer












            These devices are simply looking for available networks, not trying to associate with them. This is normal behavior for a device looking for networks and to determine what the AP capabilities are.



            The device won't send an association request until you tell it to connect to that network.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 16 at 16:56









            Ron Trunk

            33.4k22970




            33.4k22970












            • So only the devices the send the association request (and receive a respond) are the ones connected?
              – DsCpp
              Nov 16 at 16:57










            • Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
              – Ron Trunk
              Nov 16 at 17:06




















            • So only the devices the send the association request (and receive a respond) are the ones connected?
              – DsCpp
              Nov 16 at 16:57










            • Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
              – Ron Trunk
              Nov 16 at 17:06


















            So only the devices the send the association request (and receive a respond) are the ones connected?
            – DsCpp
            Nov 16 at 16:57




            So only the devices the send the association request (and receive a respond) are the ones connected?
            – DsCpp
            Nov 16 at 16:57












            Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
            – Ron Trunk
            Nov 16 at 17:06






            Yes. For example, on a Windows PC, when you click the icon and see a list of available networks, that list is generated from probe request/responses. When you click Connect, then it sends an association request.
            – Ron Trunk
            Nov 16 at 17:06












            up vote
            2
            down vote














            But the don't even send the association request. Why is that? does the connection considered to be closed or open only after the probe response?
            How did they know not to sent the association request?




            They are simply checking the availability of wireless networks around them. This does not necessarily indicate they actually want to join or associate to the network.



            When a wireless client is looking to join a wireless network (or check for the possibility of roaming to a new one), they send out probe requests. Often these are general in nature and how a device discovers which networks are around them. Think of it as the client device yelling, "Can any wireless networks hear me?"



            Probe requests can also be directed to particular networks. "Can network ABCXYZ hear me?" This is required with the SSID is "hidden" and is the default way many mobile devices try to reconnect to stored networks.



            When an access point hears a probe request, if the probe request is either general in nature or for the configured wireless network, it responds with a probe response. This behavior is defined by the IEEE standards for 802.11 networks. So your AP will always respond to any general probe request from a wireless client.



            You have likely experienced this yourself without realizing it. When you want to join a wireless device to a network, you have likely been presented with a list of wireless networks and selected the one you wanted to join. This list was generated largely from the probe responses the wireless client received from APs in the area when it sent out probe requests.



            All APs also advertise themselves with beacon frames periodically, which is the other way that clients can find wireless networks in the area. However this is a slower process for discovery, so the vast majority of clients use probe request/responses primarily for discovery.






            share|improve this answer

























              up vote
              2
              down vote














              But the don't even send the association request. Why is that? does the connection considered to be closed or open only after the probe response?
              How did they know not to sent the association request?




              They are simply checking the availability of wireless networks around them. This does not necessarily indicate they actually want to join or associate to the network.



              When a wireless client is looking to join a wireless network (or check for the possibility of roaming to a new one), they send out probe requests. Often these are general in nature and how a device discovers which networks are around them. Think of it as the client device yelling, "Can any wireless networks hear me?"



              Probe requests can also be directed to particular networks. "Can network ABCXYZ hear me?" This is required with the SSID is "hidden" and is the default way many mobile devices try to reconnect to stored networks.



              When an access point hears a probe request, if the probe request is either general in nature or for the configured wireless network, it responds with a probe response. This behavior is defined by the IEEE standards for 802.11 networks. So your AP will always respond to any general probe request from a wireless client.



              You have likely experienced this yourself without realizing it. When you want to join a wireless device to a network, you have likely been presented with a list of wireless networks and selected the one you wanted to join. This list was generated largely from the probe responses the wireless client received from APs in the area when it sent out probe requests.



              All APs also advertise themselves with beacon frames periodically, which is the other way that clients can find wireless networks in the area. However this is a slower process for discovery, so the vast majority of clients use probe request/responses primarily for discovery.






              share|improve this answer























                up vote
                2
                down vote










                up vote
                2
                down vote










                But the don't even send the association request. Why is that? does the connection considered to be closed or open only after the probe response?
                How did they know not to sent the association request?




                They are simply checking the availability of wireless networks around them. This does not necessarily indicate they actually want to join or associate to the network.



                When a wireless client is looking to join a wireless network (or check for the possibility of roaming to a new one), they send out probe requests. Often these are general in nature and how a device discovers which networks are around them. Think of it as the client device yelling, "Can any wireless networks hear me?"



                Probe requests can also be directed to particular networks. "Can network ABCXYZ hear me?" This is required with the SSID is "hidden" and is the default way many mobile devices try to reconnect to stored networks.



                When an access point hears a probe request, if the probe request is either general in nature or for the configured wireless network, it responds with a probe response. This behavior is defined by the IEEE standards for 802.11 networks. So your AP will always respond to any general probe request from a wireless client.



                You have likely experienced this yourself without realizing it. When you want to join a wireless device to a network, you have likely been presented with a list of wireless networks and selected the one you wanted to join. This list was generated largely from the probe responses the wireless client received from APs in the area when it sent out probe requests.



                All APs also advertise themselves with beacon frames periodically, which is the other way that clients can find wireless networks in the area. However this is a slower process for discovery, so the vast majority of clients use probe request/responses primarily for discovery.






                share|improve this answer













                But the don't even send the association request. Why is that? does the connection considered to be closed or open only after the probe response?
                How did they know not to sent the association request?




                They are simply checking the availability of wireless networks around them. This does not necessarily indicate they actually want to join or associate to the network.



                When a wireless client is looking to join a wireless network (or check for the possibility of roaming to a new one), they send out probe requests. Often these are general in nature and how a device discovers which networks are around them. Think of it as the client device yelling, "Can any wireless networks hear me?"



                Probe requests can also be directed to particular networks. "Can network ABCXYZ hear me?" This is required with the SSID is "hidden" and is the default way many mobile devices try to reconnect to stored networks.



                When an access point hears a probe request, if the probe request is either general in nature or for the configured wireless network, it responds with a probe response. This behavior is defined by the IEEE standards for 802.11 networks. So your AP will always respond to any general probe request from a wireless client.



                You have likely experienced this yourself without realizing it. When you want to join a wireless device to a network, you have likely been presented with a list of wireless networks and selected the one you wanted to join. This list was generated largely from the probe responses the wireless client received from APs in the area when it sent out probe requests.



                All APs also advertise themselves with beacon frames periodically, which is the other way that clients can find wireless networks in the area. However this is a slower process for discovery, so the vast majority of clients use probe request/responses primarily for discovery.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 16 at 20:21









                YLearn

                21.3k54297




                21.3k54297






























                     

                    draft saved


                    draft discarded



















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f54776%2fconnection-to-ap-after-what-stage-802-11b-protocol%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Probability when a professor distributes a quiz and homework assignment to a class of n students.

                    Aardman Animations

                    Are they similar matrix