[kismac] Re: What results in <no-ssid> in scan output?
- From: "Kevin Bringard" <comandercool@xxxxxxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Mon, 7 Aug 2006 08:00:26 -0700
Apologies, I meant to cause it to show up in KisMac.
This has been mentioned on the list before... if you deauth flood, then you
can pick up the SSID name when any clients that may have been disconnected
reconnect. I could be wrong (as I am not an 802.11 ninja by any means) but
I believe the only time the SSID of a hidden AP is broadcast is when a
client connects.
Either way, to the original question... you should be able to get the name
by some means or other... just hafta work at it a tit bit :-D
-- kevin
On 8/7/06, James Kelly <macubergeek@xxxxxxxxxxx> wrote:
I don't think you need to use a de-auth flood to determine this...but I
could be wrong. Sniff the traffic going to this wap's channel and tell
kismac to save it to a pcap file. Open the pcap in ethereal and see if you
can see the ssid there. Don't remember the ethereal filter exactly right
now...just got back from Defcon and I'm a little fuzzy ;-)Jk
----------------------------------------
macintosh
phear tha phruit
----------------------------------------
On Aug 7, 2006, at 10:47 AM, Kevin Bringard wrote:
You can try a de-auth flood on it. That will often times cause the name
of
the AP to show up.
-- Kevin
On 8/7/06, James Kelly <macubergeek@xxxxxxxxxxx> wrote:
I suspect that it means that the owner of the wap is cloaking the ssid.
The Wap is set to not beacon it's ssid. Really stupid since it can still
be
found with kismet and kismac. ;-)
Jim
----------------------------------------
macintosh
phear tha phruit
----------------------------------------
On Aug 5, 2006, at 5:28 PM, Paul Jacoby wrote:
I'm trying to understand what makes KisMac report "<no-ssid>" in it's
display list and output files. Can someone who knows that code explain
what triggers the decision to say "<no-ssid>"?
The reason I ask is that I have some Symbol Technologies APs in my area
that cause another scanner (WiFiFoFum for PocketPC) to return garbage
SSIDs.
I did a trace capture with KisMac (thanks for the pointer, themacuser) and
found that the Symbol's aren't returning an SSID structure in their Beacon
packets at all. I guess that's an obvious enough reason to indicate
<no-ssid>, but I'm curious as to whether this is 'standard' stuff, or
something particular the Symbol's. It's something the author of WFFF will
need to accommodate, in any case....
Thanks for any insight.
- References:
- [kismac] What results in <no-ssid> in scan output?
- From: Paul Jacoby
- [kismac] Re: What results in <no-ssid> in scan output?
- From: James Kelly
- [kismac] Re: What results in <no-ssid> in scan output?
- From: Kevin Bringard
- [kismac] Re: What results in <no-ssid> in scan output?
- From: James Kelly
Other related posts:
- » [kismac] What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
- » [kismac] Re: What results in <no-ssid> in scan output?
I don't think you need to use a de-auth flood to determine this...but I could be wrong. Sniff the traffic going to this wap's channel and tell kismac to save it to a pcap file. Open the pcap in ethereal and see if you can see the ssid there. Don't remember the ethereal filter exactly right now...just got back from Defcon and I'm a little fuzzy ;-)Jk ---------------------------------------- macintosh phear tha phruit ----------------------------------------
On Aug 7, 2006, at 10:47 AM, Kevin Bringard wrote:
You can try a de-auth flood on it. That will often times cause the name of the AP to show up.
-- Kevin
On 8/7/06, James Kelly <macubergeek@xxxxxxxxxxx> wrote:
I suspect that it means that the owner of the wap is cloaking the ssid. The Wap is set to not beacon it's ssid. Really stupid since it can still be found with kismet and kismac. ;-) Jim ---------------------------------------- macintosh phear tha phruit ----------------------------------------
On Aug 5, 2006, at 5:28 PM, Paul Jacoby wrote:
I'm trying to understand what makes KisMac report "<no-ssid>" in it's display list and output files. Can someone who knows that code explain what triggers the decision to say "<no-ssid>"?
The reason I ask is that I have some Symbol Technologies APs in my area that cause another scanner (WiFiFoFum for PocketPC) to return garbage SSIDs. I did a trace capture with KisMac (thanks for the pointer, themacuser) and found that the Symbol's aren't returning an SSID structure in their Beacon packets at all. I guess that's an obvious enough reason to indicate <no-ssid>, but I'm curious as to whether this is 'standard' stuff, or something particular the Symbol's. It's something the author of WFFF will need to accommodate, in any case....
Thanks for any insight.
- [kismac] What results in <no-ssid> in scan output?
- From: Paul Jacoby
- [kismac] Re: What results in <no-ssid> in scan output?
- From: James Kelly
- [kismac] Re: What results in <no-ssid> in scan output?
- From: Kevin Bringard
- [kismac] Re: What results in <no-ssid> in scan output?
- From: James Kelly