Re: [PEN-TEST] wireless LAN traffic sniffing

From: Frank Knobbe (FKnobbeat_private)
Date: Mon Apr 30 2001 - 10:36:07 PDT


    > -----Original Message-----
    > From: Rijndal Groeber [mailto:sekureat_private]
    > Sent: Sunday, April 29, 2001 6:07 PM
    >
    > I currently own a 3com 3crwe737a pcmcia card.
    > True, the windows drivers which come with it appear to ignore
    > promiscuous mode, but the linux driver (for Symbol Spectrum 24t -
    > which is identical) has no problem with it.
    
    Cool. I hope more cards will implement that.
    
    > By promiscuous, as I was able to test it, I understand the
    > ability to sniff packets directed to other nodes of the wireless
    > network... I was never able to capture ANY traffic before I got
    > associated to an AP.
    > If you mean something else, _please_ tell me.
    
    That's correct. You still need to associate to an AP. In other words,
    if the ESS ID is set to ANY on your NIC and the system is open (no
    shared key), then you can sniff it. If the system is closed,
    currently you still need to have the key. However, there is probably
    software out there, or will be soon, that will automate the finding
    of the keys.
    
    When I looked at AiroPeek, it looked pretty good. However, what I
    missed was the ability to get an overview of what channels are used
    (preferably with ESS ID :)  Currently you still need to enter ID and
    channel in order to tie-in.
    
    I had a conversation with a rep from WildPackets, and basically
    stated what I would like to see. That is, a 15 line overview of the
    channels with status (in use or not. If so, how many packets,
    open/shared key system, and ESS ID used). The rep mentioned that
    something like this is planned and would be available some time
    in.... uhm... I believe he said July.
    
    I haven't much fancy software out there yet, but this technology is
    still young. Maybe once 802.11a takes off, we will see more
    developments in this area. Having cards that can be set into
    promiscuous is the key. The technical ability is there. The software
    will follow shortly.
    
    Regards,
    Frank
    
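The per-channel overview described in the message (in use or not, packet count, open or keyed, ESS ID) can be built from beacon frames alone when auditing your own wireless LAN. The sketch below is an added example, not part of the original post and not code from AiroPeek or WildPackets. It assumes raw 802.11 frames with no capture header or FCS, channels 1 to 14, and constructed sample beacons; it reports the beacon's Privacy bit (WEP required), since beacons do not state the authentication mode.

```python
import struct

def make_beacon(ssid, channel, privacy):
    """Build a minimal beacon frame (constructed sample input, not captured traffic)."""
    bssid = b"\x02\x00\x00\x00\x00\x01"  # constructed, locally administered address
    hdr = struct.pack("<HH6s6s6sH", 0x0080, 0, b"\xff" * 6, bssid, bssid, 0)
    cap = 0x0001 | (0x0010 if privacy else 0)  # ESS bit, plus Privacy bit if WEP is required
    fixed = struct.pack("<QHH", 0, 100, cap)   # timestamp, beacon interval, capabilities
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])

def parse_beacon(frame):
    """Return (essid, channel, privacy) for a beacon frame, or None for anything else."""
    if len(frame) < 36:                        # 24-byte header + 12 bytes of fixed fields
        return None
    fc, = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:   # management type, beacon subtype
        return None
    cap, = struct.unpack_from("<H", frame, 34)
    essid, channel, pos = None, None, 36
    while pos + 2 <= len(frame):               # walk the tagged information elements
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            break                              # truncated element: stop, do not guess
        if tag == 0:                           # SSID element
            essid = body.decode("ascii", "replace")
        elif tag == 3 and length == 1:         # DS Parameter Set: current channel
            channel = body[0]
        pos += 2 + length
    return essid, channel, bool(cap & 0x0010)

def channel_overview(frames, channels=range(1, 15)):
    """Aggregate beacons into one row per channel."""
    stats = {ch: {"beacons": 0, "essids": set(), "privacy": set()} for ch in channels}
    for frame in frames:
        parsed = parse_beacon(frame)
        if parsed is None or parsed[1] not in stats:
            continue
        essid, ch, privacy = parsed
        stats[ch]["beacons"] += 1
        stats[ch]["essids"].add(essid or "<hidden>")
        stats[ch]["privacy"].add("WEP" if privacy else "open")
    return stats

SAMPLE = [make_beacon(b"lab-open", 1, False), make_beacon(b"lab-open", 1, False),
          make_beacon(b"lab-wep", 6, True), b"\x08\x00" + b"\x00" * 40]  # last: a data frame

if __name__ == "__main__":
    for ch, row in channel_overview(SAMPLE).items():
        print(ch, row["beacons"], sorted(row["essids"]), sorted(row["privacy"]))
```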
    


