Is looking for Wi-Fi access points purely passive?
Problem
Say I carry a Wi-Fi enabled phone or laptop through an area where there are WAPs. Assuming that I don't actively try to connect to them or otherwise interact with them, is it possible for the owner of that WAP to know that I was there? I'm asking this in the context of my earlier question: Looking for MACs on the network I was talking with a friend about my newfound ability to detect phones (and other devices with MAC addresses) on the network, and he pointed out that it might be useful to detect unknown phones on the network; I could use that data to track down anyone who was in my house and brought a Wi-Fi phone with them. So, if I set up a logging fake WAP with no security or encryption, can I glean any useful information about the devices that come into the house? Assuming that the thief doesn't actively try to connect...
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Fix for: Is looking for Wi-Fi access points purely passive?
No, looking for 802.11 APs is primarily active. When you bring up a list of visible APs in the area, your 802.11 client most likely does what's known as an "active scan", where it tunes its radio to each supported channel in turn, transmits a Probe Request frame, and waits perhaps 20-40ms to gather Probe Response frames from any APs on that channel before moving on to the next channel. This allows it to scan all the channels much faster than a "passive scan". A "passive scan" is possible, but iā¦
Awaiting Verification
Be the first to verify this fix
Sign in to verify this fix