SmallNetBuilder Forums
  #1  
Old 12-26-2012, 09:21 PM
sfx2000
N66U and Spanning Tree...

Interesting observation on Wireshark...

Have a neighbour with a new N66U AP - nice unit

The box is configured with WPA2-PSK - but in a wireshark capture, something I noticed is that the box is sending out STP frames, and more importantly, sending them out TKIP, not AES.

So a couple of questions:

1) Why is the N66U sending out STP frames? Useful perhaps in Mesh WiFi networks, but useless in a home environment
2) Why is a TKIP vector present in the STP frame?

packet dump link (some vals changed to protect the innocent):

https://dl.dropbox.com/u/2181814/N66u_STP_TKIP.txt

Bug? Feature?

Last edited by sfx2000; 12-26-2012 at 09:26 PM.
  #2  
Old 12-26-2012, 11:01 PM
housej55

Quote:
Originally Posted by sfx2000
Interesting observation on Wireshark...

Have a neighbour with a new N66U AP - nice unit

The box is configured with WPA2-PSK - but in a wireshark capture, something I noticed is that the box is sending out STP frames, and more importantly, sending them out TKIP, not AES.

So a couple of questions:

1) Why is the N66U sending out STP frames? Useful perhaps in Mesh WiFi networks, but useless in a home environment
2) Why is a TKIP vector present in the STP frame?

packet dump link (some vals changed to protect the innocent):

https://dl.dropbox.com/u/2181814/N66u_STP_TKIP.txt

Bug? Feature?

This is a good find sfx, was this unit running the stock Asus firmware?
  #3  
Old 12-26-2012, 11:35 PM
jsmiddleton4

I turned STP off because my understanding of it is that when I just have one router it isn't needed. When I had a WDS system with 3 routers I did enable it.

Now I guess doing so may not be a bad idea for other reasons.
  #4  
Old 12-27-2012, 12:21 AM
sfx2000

Quote:
Originally Posted by housej55
This is a good find sfx, was this unit running the stock Asus firmware?

AFAIK - Yes...

Makes it unique to fingerprint

Last edited by sfx2000; 12-27-2012 at 12:26 AM.
  #5  
Old 12-27-2012, 12:22 AM
sfx2000

Quote:
Originally Posted by jsmiddleton4
I turned STP off because my understanding of it is that when I just have one router it isn't needed. When I had a WDS system with 3 routers I did enable it.

Now I guess doing so may not be a bad idea for other reasons.

Don't need STP frames for WDS - different layer... STP is layer 3, WDS is layer 2...
  #6  
Old 12-29-2012, 08:27 PM
sfx2000

Bumping the thread - this is likely a security issue - if the primary is WPA2-AES, the STP frames being sent out TKIP is not very smart.

IEEE 802.11 Data, Flags: .p....F.
    Type/Subtype: Data (0x20)
    Frame Control: 0x4208 (Normal)
        Version: 0
        Type: Data frame (2)
        Subtype: 0
        Flags: 0x42
            .... ..10 = DS status: Frame from DS to a STA via AP(To DS: 0 From DS: 1) (0x02)
            .... .0.. = More Fragments: This is the last fragment
            .... 0... = Retry: Frame is not being retransmitted
            ...0 .... = PWR MGT: STA will stay up
            ..0. .... = More Data: No data buffered
            .1.. .... = Protected flag: Data is protected
            0... .... = Order flag: Not strictly ordered
    Duration: 0
    Destination address: Spanning-tree-(for-bridges)_00 (01:80:c2:00:00:00)
    BSS Id: 30:85:a9:xx:yy:zz (30:85:a9:xx:yy:zz)
    Source address: 30:85:a9:xx:yy:zz (30:85:a9:xx:yy:zz)
    Fragment number: 0
    Sequence number: 292
    TKIP parameters
        TKIP Ext. Initialization Vector: 0x00000007F200
        Key Index: 2
Data (46 bytes)

0000  fa 08 9d 79 79 c9 ac 3f 21 2d 47 7d bc 46 50 97   ...yy..?!-G}.FP.
0010  25 02 e4 4d f1 d0 7a c8 34 07 86 34 f7 ad 5e eb   %..M..z.4..4..^.
0020  84 2d 30 c7 a2 a8 38 33 5e 96 24 46 c5 8f         .-0...83^.$F..
    Data: fa089d7979c9ac3f212d477dbc4650972502e44df1d07ac8...
    [Length: 46]
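
How a capture can be checked for TKIP versus CCMP protection without the key, as an added example that is not part of the original posts: both ciphers place an 8-byte header after the 802.11 MAC header, but in TKIP the second byte is derived from the first, while in CCMP the third byte is reserved as zero. The sample frame is constructed from the fields in the dump in post #6; the last three BSSID bytes are placeholders, and the names `classify` and `is_tkip_group_traffic` are chosen here.

```python
import struct

STP_GROUP = bytes.fromhex("0180c2000000")  # destination address shown in the dump

def classify(frame: bytes) -> dict:
    """Classify the cipher header of a bare 802.11 data frame (no radiotap, no FCS)."""
    if len(frame) < 24:
        raise ValueError("truncated MAC header")
    fc, = struct.unpack_from("<H", frame, 0)
    ftype, subtype, flags = (fc >> 2) & 0x3, (fc >> 4) & 0xF, fc >> 8
    if ftype != 2:
        raise ValueError("not a data frame")
    to_ds, from_ds, protected = flags & 0x01, flags & 0x02, flags & 0x40
    # 24-byte base header, +6 for a fourth address, +2 for QoS control.
    hdr_len = 24 + (6 if to_ds and from_ds else 0) + (2 if subtype & 0x8 else 0)
    if len(frame) < hdr_len + (8 if protected else 0):
        raise ValueError("truncated frame")
    dst = frame[16:22] if to_ds else frame[4:10]  # DA is addr3 when To DS is set
    seq_ctl, = struct.unpack_from("<H", frame, 22)
    info = {"dst": dst, "group": bool(dst[0] & 1), "stp": dst == STP_GROUP,
            "seq": seq_ctl >> 4, "cipher": "none", "key_id": None, "counter": None}
    if not protected:
        return info
    b = frame[hdr_len:hdr_len + 8]
    info["key_id"] = b[3] >> 6
    if not b[3] & 0x20:                      # no Ext IV bit: 4-byte WEP IV
        info["cipher"] = "WEP"
    elif b[1] == (b[0] | 0x20) & 0x7F:       # WEPSeed[1] rule: TKIP is tested first
        # TKIP layout: TSC1, WEPSeed, TSC0, KeyID, TSC2..TSC5
        info["cipher"] = "TKIP"
        info["counter"] = int.from_bytes(bytes([b[7], b[6], b[5], b[4], b[0], b[2]]), "big")
    elif b[2] == 0:
        # CCMP layout: PN0, PN1, reserved (0), KeyID, PN2..PN5
        info["cipher"] = "CCMP"
        info["counter"] = int.from_bytes(bytes([b[7], b[6], b[5], b[4], b[1], b[0]]), "big")
    else:
        info["cipher"] = "unknown"
    return info

def is_tkip_group_traffic(frame: bytes) -> bool:
    """True for group-addressed frames (such as STP BPDUs) protected with TKIP."""
    info = classify(frame)
    return info["cipher"] == "TKIP" and info["group"]

# Constructed from the dump's fields; BSSID bytes 00:00:01 are placeholders for
# the redacted xx:yy:zz, and the 46-byte encrypted payload is omitted.
BSSID = bytes.fromhex("3085a9000001")
SAMPLE = (bytes.fromhex("0842" "0000") + STP_GROUP + BSSID + BSSID
          + struct.pack("<H", 292 << 4) + bytes.fromhex("f27200a007000000"))
```

In this sample the third header byte is also zero, so the frame would satisfy the CCMP test as well; the classification is a heuristic and the order of the two checks decides the result.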