Hi, > I collected roughly 2 mil packets with kismac and running the wep > crack (the > "both" option) it hangs and sometimes crashes my whole machine. > I'm trying the same .kismac file on the new .03c version. > Has anyone else had similar results? Also what exactly does the > .kismac > file save? (The .kismac I've been trying to run the wep crack on is > only > ~10 mb. the 10 mb is ok. kismac only logs 4 byte for each weak packet. is there a chance that you can send me this file for further analysis? > Last question, if I had a computer that is allowed on a wlan (the wep > code > has been stored on the machine) and another computer not allowed on > the > network. I'm wondering if I save a pcap file from the machine allowed > on > the wlan, can i load that into kismac and then use the wep crack to > figure > out the wep code? well there are possible attacks on such a scenario. since you know what one computer is sending the other one could build up a dictionary for each iv. the file would be around 24 gb big. however no program that i know of uses such an attack, but it would also work on networks, that do not produce weak ivs! i was thinking of such a dictionary attack in order to break eap-tls, but it did not require a computer in the same wifi-network, but somewhere in the internet. if it is a mac, you are aware of the keychain feature? > Using a Linksys wpc11 card I pick up several channels of a wlan. In > order > to pick up more data and spend less time hopping from other inactive > channels I set the hop to only include these too channels 1 & 5. Oddly > there is one AP on channel 5 that fluctuates from wep enabled to > disabled > every second or so. Is this an error in the MacJack driver or a bug > elsewhere? Using my internal airport with the viha driver never picks > up > this odd switch between the wep enabled to disabled. > Anyone else have this experience? this is normal. prism2 cards do not hand over the wep bit in the frame header. so kismac uses a heuristic method to determine between weped and not weped packets. nothing to worry about. mick