I wanted to research the routers at Noroff and what type of information they give out, such as BSSID and SSID, and then find more information from that. I am also combining this task with some explanations from another piece of coursework we had to do yesterday, namely the differences between Wi-Fi radio types. I am doing this on the Windows platform since this is a simple test, but I would normally conduct information gathering on Kali Linux.

In the command prompt I type “netsh wlan show networks mode=bssid”, and it returns a large number of networks in the area. On the list I can locate the network I am connected to, “Noroff-Student”, which is the same as the SSID. The BSSID for it (basically the MAC address) is also stated, but since this infrastructure network has many access points, the list is quite extensive. To research this further, I choose the AP with the highest signal strength, 99%. This router has the BSSID a4:18:75:64:f0:df and radio type 802.11n.

Regarding radio types: this router has 802.11n, which is different from 802.11ac and 802.11ad. But how? Well, it all comes down to frequency and how radio signals can be used to transmit data. All data consists of zeros and ones, just the same as the top and bottom of a radio signal, or wave. Some radio signals can go very far, but they also have a longer duration between each “wave” or top/bottom, whilst other waves have a short distance and a really fast top/bottom. So when it comes to radio types, you have 2.4/5/60 GHz, the first one being long range with low speed, and the last one being really good on speed, but with a range that is just within your own room (<5 meters).

So the 802.11ac AP uses the 5 GHz band with a speed of 1 Gb/s and a range to fit inside your house. The 802.11ad AP uses the 60 GHz band and allows for speeds up to 7 Gb/s, but only has a range of less than 5 meters. 802.11ad is therefore really good for connecting your high-capacity storage devices to your workstation without using cables or such.

The AP I am using here at school is the 802.11n version, which came out in 2009 and was basically an upgrade from the two previous versions (11b and 11g). Along with offering the 2.4 GHz band, it also in some cases offers the 5 GHz band. It also supports multiple antennas (MIMO). So what are the specifics for “my” AP here at school?

I am using Wireshark's service to do a MAC look-up (https://www.wireshark.org/tools/oui-lookup.html). The reason for this is that it allows for multiple entries and it is advertisement free. Also, it has a secure connection, which the others (like askapache.com) do not offer. And when I enter my AP, this is what I get in return.

As you can see, the result tells me that this is an AP from Cisco Systems, Inc. with the last three values representing the maker and the three first representing the individual device.
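The two steps above (reading the netsh listing and preparing the value for the OUI look-up) can be scripted when keeping an inventory of the access points you expect to see. This is an added example, not part of the original post; it assumes English-language netsh output, and the sample listing is constructed apart from the one BSSID, signal and radio type quoted in the post.

```python
import re

# Constructed sample of `netsh wlan show networks mode=bssid` output.
# Only the first BSSID, its signal and its radio type come from the post.
SAMPLE = """\
SSID 1 : Noroff-Student
    Network type            : Infrastructure
    BSSID 1                 : a4:18:75:64:f0:df
         Signal             : 99%
         Radio type         : 802.11n
    BSSID 2                 : 02:00:00:aa:bb:01
         Signal             : 62%
         Radio type         : 802.11n
SSID 2 : Example-Guest
    Network type            : Infrastructure
    BSSID 1                 : 02:00:00:aa:bb:02
         Signal             : 40%
         Radio type         : 802.11ac
"""

def parse_networks(text):
    """Return one dict per BSSID with its ssid, bssid, signal and radio."""
    aps, ssid, current = [], None, None
    for line in text.splitlines():
        # Split on the first colon only, so MAC addresses stay intact.
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if re.fullmatch(r"SSID \d+", key):
            ssid, current = value, None
        elif re.fullmatch(r"BSSID \d+", key):
            current = {"ssid": ssid, "bssid": value.lower(),
                       "signal": 0, "radio": None}
            aps.append(current)
        elif current and key == "Signal":
            current["signal"] = int(value.rstrip("%"))
        elif current and key == "Radio type":
            current["radio"] = value
    return aps

def strongest_ap(aps, ssid):
    """Pick the access point with the highest signal for one SSID."""
    return max((a for a in aps if a["ssid"] == ssid),
               key=lambda a: a["signal"], default=None)

def oui_prefix(bssid):
    """First three octets: the IEEE-assigned prefix an OUI look-up is keyed on."""
    return ":".join(re.split(r"[:-]", bssid.strip())[:3]).upper()

best = strongest_ap(parse_networks(SAMPLE), "Noroff-Student")
print(best["bssid"], best["radio"], oui_prefix(best["bssid"]))
```

On a live machine the listing can be captured with `subprocess.run(["netsh", "wlan", "show", "networks", "mode=bssid"], capture_output=True, text=True)` and its `stdout` passed to `parse_networks`.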