[kismac] More about SSID and Network Type...
- From: "Java Nut" <javanut20@xxxxxxxxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Sun, 07 Dec 2003 10:32:47 -0600
Thanks, everyone for your replies. I have a few additional questions:
Many models of access points have an option to "hide" the SSID,
which simply means that the AP won't include the SSID in the
beacon frames it sends. However, the SSID will still show
up in some other types of 802.11 frames that are sent less
often (e.g., "association request", "reassociation request",
"probe response", and probably a few other types of frames).
In that case (particularly on an essentially idle network),
it can take quite a while for Kismac to detect the SSID when
So, will Kismac take the SSID from these alternative places as well as the
A "probe request frame" is sent by computers trying to find
access points. Asking for access points with a specific SSID
(or via "broadcast SSID" to try to get a response from any
access point within range). Access points send "probe response
frames" back. (However, hidden access points will generally
not respond to probes to "broadcast SSID".) The Kismac
<probe> shows probes.
Will the Mac Address shown for a probe entry be that of the probing network
interface or the network access point detected via the response to the
there are also "tunnel" networks, which are point to point connections,
often referred as WDS.
Will Kismac detect these?
no ssid means there have been no beacon frames to examine. hidden ssid
means that there have been beacons, but the ssid field has been wiped out.
kismac shows blank if the recieved ssid consits of spaces or non printable
Will the <hidden> marker be replaced if the SSID shows up in other types of
frames, and which?
Under what conditions can the network type be blank?
kismac only shows probes if there are a lot of them in a short term. this
is generally an indication for a running active stumbler. however there are
also some "legal" tools, which make an excessive use of probes
Can you say what some of these tools are? Why do you imply that Kismac is
not a "legal" tool? I would think it really depends on what one does with
the information they gather from Kismac and that Kismac can be used for
good, legal purposes, or to aid in illegal usage of networks. And I do know
there are features to help crack WEP, but I would never use them on
someone's network, as I take it that feature is for me to check the security
of my own network if I want to know how quickly one could break in or for
professionals who are hired to check the security of a particular network.
I am curious though how it would be regarded legally if someone used Kismac
while traveling to see if there is a network around and happened to find a
network with WEP turned off and then used it to reach the Internet for some
light duty (low data volume), legal web surfing or email checking without
checking whether the owner intended to share the network (or was merely
incompentent to not secure his network).
Don?t worry if your Inbox will max out while you are enjoying the holidays.
Get MSN Extra Storage! http://join.msn.com/?PAGE=features/es
Other related posts: