[kismac] Re: Kismac captures 1,000,000+ packets, but none are DATA or IVs ?

  • From: "Rohan Hill" <rohan@xxxxxxxxxxxxx>
  • To: <kismac@xxxxxxxxxxxxx>
  • Date: Wed, 30 Aug 2006 01:34:04 -0400

There's a driver with the latest build I have (158 I believe) that is called
Airport Extreme Passive Mode - or something to that effect. I had to
completely trash my existing kismac, and install the latest build, and it
took a couple tries, but the driver eventually showed up. I believe it's a
standard option now though - and if you use the kismac installer, I don't
know why you wouldn't see it.


One word of advice - it's tedious to get any results with it - I've captured
over a million packets, and no IVs, and it doesn't seem to capture data
packets AT ALL, even when there are plenty of data packets shooting around.


The problem, is that I can't seem to find ANY prism2 usb dongles available
ANYWHERE for sale - at least under $100.



From: kismac-bounce@xxxxxxxxxxxxx [mailto:kismac-bounce@xxxxxxxxxxxxx] On
Behalf Of Michael Capizzo
Sent: Tuesday, August 29, 2006 8:18 PM
To: kismac@xxxxxxxxxxxxx
Subject: [kismac] Re: Kismac captures 1,000,000+ packets, but none are DATA
or IVs ?


Sorry for the misunderstanding  but, how did you make the Airport Extreme
card run under passive mode on the Macbook? If that option is in the 158
build, where can I find it?

On Aug 29, 2006, at 7:52 PM, Court K wrote:

You need to get a USB dongle that lets you do packet injects, and auth
floods to get real IV packets. Passive mode on the airport cards is pretty
much useless.



On Aug 11, 2006, at 11:18 PM, Rohan Hill wrote:

I'm running the latest (158 I believe?) build of Kismac, with a Macbook. I'm
using the Airport Extreme driver in passive mode to capture packets. Here's
the puzzling part - Kismac captures tons of packets, but when I look at the
details, NONE of these packets (I've let it run up over 1 million packets in
one case) are ever IVs or DATA. I can understand not coming up with any IVs,
but I don't see why I would never ever capture any data. At first I thought
this was just a fluke of my area, but I tried it today in the downtown of a
large city with 20+ access points in range, and still no Data or IVs.


If I'm capturing from access points that are BEING USED at that moment, how
can there be no data?


What's going on here - is this normal?



Other related posts: