[kismac] Re: SSIDs

  • From: Robbie Miller <rmiller021@xxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Thu, 10 Apr 2003 17:23:32 -0500

Does this mean that we can find Hidden SSIDs?

On Thursday, April 10, 2003, at 04:48  PM, Michael Rossberg wrote:

>
>
>
>> How hard would it be to make those changes?
>
> it was working already. it is just a bug, that the ssid does not stay
> there. consider it fixed.
>
> mick
>
>
>> On Thursday, April 10, 2003, at 12:05  AM, Bob Cunningham wrote:
>>
>>>
>>> I'll admit to using the technique described in the article to hide
>>> the SSID for several access points I've installed.  And -- with
>>> KisMAC --  I've seen other access points configured that way.
>>>
>>> [Why?  As the article points out, not broadcasting the SSID
>>> (i.e., removing it from BEACON packets) is not really secure.
>>> However, it does a little something to discourage casual users.
>>> And not all access points can be configured to do it.]
>>>
>>> But frankly, I don't think KisMAC needs to "go active" in
>>> order to discover SSIDs which are hidden this way.
>>>
>>> When I monitor an access point set up that way with
>>> KisMAC what I see most of the time is a blank SSID.
>>> However, if I monitor a busy access point for long enough,
>>> the SSID will occasionally show.  Only to vanish again quickly.
>>> Literally, "in the blink of an eye".
>>>
>>> I haven't found the logic behind that in the source code yet,
>>> but what I think happens is that while SSIDs are being
>>> suppressed in the beacons ... occasionally an ASSOCIATE
>>> or REASSOCIATE frame shows up.  Which does have the
>>> SSID.  KisMAC seems to (correctly) display that, but it quickly
>>> goes away.  Probably because a beacon packet (without
>>> the SSID) shows up.
>>>
>>> Perhaps if the logic was changed so that:
>>>
>>>     If an SSID shows up in an ASSOCIATE or
>>>     REASSOCIATE packet, display it.
>>>
>>>     If BEACON packets show up afterwards with
>>>     zero length SSID, do not change the display.
>>>
>>> ... in other words:  if a non-zero-length SSID shows up,
>>> keep displaying it.  Even if subsequent BEACON frames
>>> from that access point have zero-length SSIDs.
>>>
>>>
>>>
>>> On Wednesday, Apr 9, 2003, at 12:43 Pacific/Honolulu, Robbie Miller
>>> wrote:
>>>
>>>>
>>>> I think the next release of kismac should include the ability to
>>>> discover the name of hidden SSIDs.
>>>> http://www.tisc2002.com/newsletters/416.html
>>>> I have found this document, some of the options on the site would
>>>> cause the Kismac to reveal itself.
>>>> So in my opinion I think that there should be a menu option to make
>>>> kismac attempt to discover the SSID.
>>>>
>>>>
>>>
>>>
>>
>>
>>
>
>
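
Added example, not part of the original thread and not KisMAC's source: a sketch of the display rule proposed above, where a non-empty SSID seen in an ASSOCIATE or REASSOCIATE request is kept even when later beacons from the same access point carry a zero-length SSID. The names `parse_ssid`, `SsidTable`, `mgmt` and `demo` are hypothetical, the frames are constructed rather than captured, and treating an all-NUL SSID as hidden goes beyond the zero-length case discussed in the thread.

```python
# Length of the fixed fields between the 24-byte 802.11 management header and
# the tagged parameters: association request, reassociation request, beacon.
FIXED_LEN = {0x0: 4, 0x2: 10, 0x8: 12}

def parse_ssid(frame):
    """Return (bssid, ssid_bytes) for a supported management frame, else None."""
    if len(frame) < 24:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in FIXED_LEN:
        return None
    bssid = frame[16:22].hex(":")             # address 3 carries the BSSID here
    pos = 24 + FIXED_LEN[subtype]
    while pos + 2 <= len(frame):              # walk the tag/length/value elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None                       # truncated element, ignore frame
        if tag == 0:                          # element ID 0 is the SSID
            return bssid, value
        pos += 2 + length
    return None

class SsidTable:
    """Remembers the last non-empty SSID seen for each BSSID."""
    def __init__(self):
        self.names = {}

    def update(self, frame):
        parsed = parse_ssid(frame)
        if parsed is None:
            return None
        bssid, ssid = parsed
        if ssid.strip(b"\x00"):               # real name (not empty, not all NUL)
            self.names[bssid] = ssid.decode("utf-8", "replace")
        else:                                 # hidden: keep any name already known
            self.names.setdefault(bssid, "")
        return self.names[bssid]

def mgmt(subtype, bssid, ssid):
    """Build a constructed sample frame (not captured traffic)."""
    header = bytes([subtype << 4, 0, 0, 0]) + b"\xff" * 6 + b"\x02" * 6 + bssid + b"\x00\x00"
    return header + bytes(FIXED_LEN[subtype]) + bytes([0, len(ssid)]) + ssid

def demo():
    ap = bytes.fromhex("02aabbccddee")        # constructed, locally administered MAC
    table = SsidTable()
    frames = [mgmt(0x8, ap, b""), mgmt(0x0, ap, b"office-lan"), mgmt(0x8, ap, b"")]
    return [table.update(f) for f in frames]
```

`demo()` feeds a hidden beacon, an association request, and another hidden beacon for the same BSSID; the name learned from the middle frame survives the final beacon.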

