[kismac] Re: kismac crash/hang
- From: Michael Rossberg <mick@xxxxxxxxxxxxxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Wed, 19 Feb 2003 11:02:57 +0100
Hi,
> I collected roughly 2 mil packets with kismac and running the wep
> crack (the
> "both" option) it hangs and sometimes crashes my whole machine.
> I'm trying the same .kismac file on the new .03c version.
> Has anyone else had similar results? Also what exactly does the
> .kismac
> file save? (The .kismac I've been trying to run the wep crack on is
> only
> ~10 mb.
the 10 mb is ok. kismac only logs 4 byte for each weak packet. is there
a chance that you can send me this file for further analysis?
> Last question, if I had a computer that is allowed on a wlan (the wep
> code
> has been stored on the machine) and another computer not allowed on
> the
> network. I'm wondering if I save a pcap file from the machine allowed
> on
> the wlan, can i load that into kismac and then use the wep crack to
> figure
> out the wep code?
well there are possible attacks on such a scenario. since you know what
one computer is sending the other one could build up a dictionary for
each iv. the file would be around 24 gb big. however no program that i
know of uses such an attack, but it would also work on networks, that
do not produce weak ivs! i was thinking of such a dictionary attack in
order to break eap-tls, but it did not require a computer in the same
wifi-network, but somewhere in the internet.
if it is a mac, you are aware of the keychain feature?
> Using a Linksys wpc11 card I pick up several channels of a wlan. In
> order
> to pick up more data and spend less time hopping from other inactive
> channels I set the hop to only include these too channels 1 & 5. Oddly
> there is one AP on channel 5 that fluctuates from wep enabled to
> disabled
> every second or so. Is this an error in the MacJack driver or a bug
> elsewhere? Using my internal airport with the viha driver never picks
> up
> this odd switch between the wep enabled to disabled.
> Anyone else have this experience?
this is normal. prism2 cards do not hand over the wep bit in the frame
header. so kismac uses a heuristic method to determine between weped
and not weped packets. nothing to worry about.
mick
Other related posts:
