[kismac] Re: SSIDs

  • From: Michael Rossberg <mick@xxxxxxxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Fri, 11 Apr 2003 07:51:22 +0200


> Does this mean that we can find Hidden SSIDs?

yes. at least on my access point everything works. even with the old 
version. what we cannot handle (yet) is multiple ssids. if anyone sees 
that kismac just "flashes" the ssid, and otherwise it is hidden, then i 
would like to have a copy of a small dump with beacons inside...

mick

> On Thursday, April 10, 2003, at 04:48  PM, Michael Rossberg wrote:
>
>>
>>
>>> How hard would it be to make those changes?
>>
>> it was working already. it is just a bug, that the ssid does not stay
>> there. consider it fixed.
>>
>> mick
>>
>>
>>> On Thursday, April 10, 2003, at 12:05  AM, Bob Cunningham wrote:
>>>
>>>>
>>>> I'll admit to using the technique described in the article to hide
>>>> the SSID for several access points I've installed.  And -- with
>>>> KisMAC --  I've seen other access points configured that way.
>>>>
>>>> [Why?  As the article points out, not broadcasting the SSID
>>>> (i.e., removing it from BEACON packets) is not really secure.
>>>> However, it does a little something to discourage casual users.
>>>> And not all access points can be configured to do it.]
>>>>
>>>> But frankly, I don't think KisMAC needs to "go active" in
>>>> order to discover SSIDs which are hidden this way.
>>>>
>>>> When I monitor an access point set up that way with
>>>> KisMAC what I see most of the time is a blank SSID.
>>>> However, if I monitor a busy access point for long enough,
>>>> the SSID will occasionally show.  Only to vanish again quickly.
>>>> Literally, "in the blink of an eye".
>>>>
>>>> I haven't found the logic behind that in the source code yet,
>>>> but what I think happens is that while SSIDs are being
>>>> suppressed in the beacons ... occasionally an ASSOCIATE
>>>> or REASSOCIATE frame shows up.  Which does have the
>>>> SSID.  KisMAC seems to (correctly) display that, but it quickly
>>>> goes away.  Probably because a beacon packet (without
>>>> the SSID) shows up.
>>>>
>>>> Perhaps if the logic were changed so that:
>>>>
>>>>    If an SSID shows up in an ASSOCIATE or
>>>>    REASSOCIATE packet, display it.
>>>>
>>>>    if BEACON packets show up afterwards with
>>>>    zero length SSID, do not change the display.
>>>>
>>>> ... in other words:  if a non-zero-length SSID shows up,
>>>> keep displaying it.  Even if subsequent BEACON frames
>>>> from that access point have zero-length SSIDs.
>>>>
>>>>
>>>>
>>>> On Wednesday, Apr 9, 2003, at 12:43 Pacific/Honolulu, Robbie Miller wrote:
>>>>
>>>>>
>>>>> I think the next release of kismac should include the ability to
>>>>> discover the name of hidden SSIDs.
>>>>> http://www.tisc2002.com/newsletters/416.html
>>>>> I have found this document; some of the options on the site would
>>>>> cause the Kismac to reveal itself.
>>>>> So in my opinion I think that there should be a menu option to make
>>>>> kismac attempt to discover the SSID.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>
>
>
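
The rule proposed in the quoted message from Bob Cunningham (display a non-zero-length SSID once it is seen in an ASSOCIATE or REASSOCIATE frame, and do not let later zero-length beacon SSIDs clear it), as an added C example that is not KisMAC's code. `ap_entry`, `ap_update` and `make_frame` are hypothetical names, frames are assumed to arrive without a radiotap or other capture header, and the example goes slightly beyond the thread by also reading probe responses and treating an all-NUL SSID as hidden.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SSID_MAX 32
struct ap_entry { uint8_t bssid[6]; char ssid[SSID_MAX + 1]; }; /* hypothetical per-AP record */

/* Bytes of fixed fields before the tagged elements, 0 for subtypes we ignore. */
static size_t fixed_len(uint8_t subtype) {
    if (subtype == 0) return 4;                   /* association request */
    if (subtype == 2) return 10;                  /* reassociation request */
    if (subtype == 5 || subtype == 8) return 12;  /* probe response, beacon */
    return 0;
}

/* Feed one raw 802.11 frame; returns 1 if the stored name changed. */
int ap_update(struct ap_entry *ap, const uint8_t *f, size_t len) {
    if (len < 24 || (f[0] & 0x0f) != 0) return 0;       /* version 0, type management */
    size_t off = fixed_len(f[0] >> 4);
    if (off == 0 || memcmp(f + 16, ap->bssid, 6) != 0) return 0;  /* addr3 = BSSID */
    for (off += 24; off + 2 <= len; off += 2u + f[off + 1]) {
        size_t n = f[off + 1], nul = 0;
        if (off + 2 + n > len) return 0;                /* truncated element */
        if (f[off] != 0) continue;                      /* not the SSID element */
        while (nul < n && f[off + 2 + nul] == 0) nul++;
        if (n > SSID_MAX || nul == n) return 0;         /* malformed or hidden: keep stored name */
        if (strlen(ap->ssid) == n && memcmp(ap->ssid, f + off + 2, n) == 0) return 0;
        memcpy(ap->ssid, f + off + 2, n);
        ap->ssid[n] = '\0';
        return 1;
    }
    return 0;
}

/* Constructed sample frame: header, zeroed fixed fields, one SSID element. */
size_t make_frame(uint8_t *out, uint8_t subtype, const uint8_t *bssid, const char *ssid) {
    size_t off = 24 + fixed_len(subtype), n = strlen(ssid);
    memset(out, 0, off + 2);
    out[0] = (uint8_t)(subtype << 4);
    memcpy(out + 16, bssid, 6);
    out[off + 1] = (uint8_t)n;
    memcpy(out + off + 2, ssid, n);
    return off + 2 + n;
}
```

Feeding a hidden beacon, an association request carrying the name, and another hidden beacon leaves the name in `ap.ssid`, which is the behaviour the thread asks for and the reason a suppressed SSID does not stay private on a network with active clients.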

