Re: [PEN-TEST] wireless LAN traffic sniffing

From: Frank Knobbe (FKnobbeat_private)
Date: Mon Apr 30 2001 - 10:36:07 PDT

Next message: Enrique Pereira Calvo: "Re: [PEN-TEST] port 9200/udp scans (Print Lexmark)"

Previous message: James W. Abendschan: "Re: [PEN-TEST] MAC Vulnerability Scanner"
Maybe in reply to: Jacob Ansari: "[PEN-TEST] wireless LAN traffic sniffing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: Rijndal Groeber [mailto:sekureat_private]
> Sent: Sunday, April 29, 2001 6:07 PM
>
> I currently own a 3com 3crwe737a pcmcia card.
> True, the windows drivers which come with it appear to ignore
> promiscous
> mode, but the linux driver (for Symbol Spectrum 24t - which
> is identical)
> has no problem with it.

Cool. I hope more cards will implement that.

> By promiscous, as I was able to test it, I understand the
> ability to sniff
> pachets directed to other nodes of the wireless network... I was
> never able to capture ANY traffic before I got associated to an AP.
> If you mean something else, _please_ tell me.

That's correct. You still need to associate to an AP. In other words,
if the ESS ID is set to ANY on your NIC and the system is open (no
shared key), then you can sniff it. If the system is closed,
currently you still need to have the key. However, there is probably
software out there, or will be soon, that will automate the finding
of the keys.

When I looked at AiroPeek, it looked pretty good. However, what I
missed was the ability to get an overview of what channels are used
(preferably with ESS ID :)  Currently you still need to enter ID and
channel on order to tie-in.

I had a conversation with a rep from WildPackets, and basically
stated what I would like to see. That is, a 15 line overview of the
channels with status (in use or not. If so, how many packets,
open/shared key system, and ESS ID used). The rep mentioned that
something like this is planned and would be available some time
in.... uhm... I believe he said July.

I haven't much fancy software out there yet, but this technology is
still young. Maybe once 802.11a takes off, we will see more
developments in this area. Having cards that can be set into
promiscuous is the key. The technical ability is there. The software
will follow shortly.

Regards,
Frank

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBOu2ih5ytSsEygtEFEQLVrQCg4KtDt2kxcQc8UQvhSK9u7Ioih3cAn0qF
ils3S92bXYuIwfRIIIVx7nea
=dOT0
-----END PGP SIGNATURE-----

Next message: Enrique Pereira Calvo: "Re: [PEN-TEST] port 9200/udp scans (Print Lexmark)"
Previous message: James W. Abendschan: "Re: [PEN-TEST] MAC Vulnerability Scanner"
Maybe in reply to: Jacob Ansari: "[PEN-TEST] wireless LAN traffic sniffing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 10:51:33 PDT