[kismac] Re: What results in <no-ssid> in scan output?

  • From: "Kevin Bringard" <comandercool@xxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Mon, 7 Aug 2006 08:00:26 -0700

Apologies, I meant to cause it to show up in KisMac.

This has been mentioned on the list before... if you deauth flood, then you
can pick up the SSID name when any clients that may have been disconnected
reconnect.  I could be wrong (as I am not an 802.11 ninja by any means) but
I believe the only time the SSID of a hidden AP is broadcast is when a
client connects.

Either way, to the original question... you should be able to get the name
by some means or other... just hafta work at it a tit bit :-D

-- kevin

On 8/7/06, James Kelly <macubergeek@xxxxxxxxxxx> wrote:

I don't think you need to use a de-auth flood to determine this...but I could be wrong. Sniff the traffic going to this wap's channel and tell kismac to save it to a pcap file. Open the pcap in ethereal and see if you can see the ssid there. Don't remember the ethereal filter exactly right now...just got back from Defcon and I'm a little fuzzy ;-)Jk ---------------------------------------- macintosh phear tha phruit ----------------------------------------

On Aug 7, 2006, at 10:47 AM, Kevin Bringard wrote:

You can try a de-auth flood on it.  That will often times cause the name
of
the AP to show up.

-- Kevin

On 8/7/06, James Kelly <macubergeek@xxxxxxxxxxx> wrote:


I suspect that it means that the owner of the wap is cloaking the ssid. The Wap is set to not beacon it's ssid. Really stupid since it can still be found with kismet and kismac. ;-) Jim ---------------------------------------- macintosh phear tha phruit ----------------------------------------

On Aug 5, 2006, at 5:28 PM, Paul Jacoby wrote:

I'm trying to understand what makes KisMac report "<no-ssid>" in it's
display list and output files.  Can someone who knows that code explain
what triggers the decision to say "<no-ssid>"?

The reason I ask is that I have some Symbol Technologies APs in my area
that cause another scanner (WiFiFoFum for PocketPC) to return garbage
SSIDs.
I did a trace capture with KisMac (thanks for the pointer, themacuser) and
found that the Symbol's aren't returning an SSID structure in their Beacon
packets at all.  I guess that's an obvious enough reason to indicate
<no-ssid>, but I'm curious as to whether this is 'standard' stuff, or
something particular the Symbol's.  It's something the author of WFFF will
need to accommodate, in any case....

Thanks for any insight.





Other related posts: