[kismac] Re: managed but not encrypted ap?

  • From: Robin L Darroch <robin@xxxxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Fri, 12 May 2006 07:21:11 +0800

> What does it mean when I scan a network that has no WEP or WPA
> encryption ("NO" in encryption column) but is still a "managed" AP and
> therefore unwilling to accept unencrypted connections? And how would I
> go about testing this AP's resilience to attack?

"Managed" simply means it is controlled by a central access point, as opposed to "ad hoc" (which is essentially a wireless peer-to-peer network set up between two or more computers without a central access point). "Managed" has nothing to do with whether connections need to be encrypted. If it is unencrypted but won't accept an attempt to connect, then most likely the reason is that it has a restricted list of MAC addresses (i.e. the hardware address of network cards) which the access point will allow to connect. This is a very insecure way of doing things, because it's easy to monitor the network traffic using a utility like KisMAC, then either just steal what you want out of the unencrypted traffic you capture, or - for the more technically advanced - fake your own MAC address to match one of the adapters allowed on the network, and join using the fake MAC address.
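
Seen from the defending side, as an added example that is not part of the original message: a cloned MAC address means two radios transmitting under one address, so their independent 802.11 sequence counters interleave and a monitoring sensor can flag the address. The frame tuples, MAC addresses, thresholds and function names below are constructed for illustration, and the code assumes one sequence counter per transmitter (non-QoS frames).

```python
from collections import defaultdict

SEQ_MOD = 4096         # the 802.11 sequence number is 12 bits and wraps at 4096
MAX_FORWARD_GAP = 64   # assumed tolerance for frames the sensor did not hear


def forward_gap(prev, cur):
    """Distance from prev to cur counting forward, with wrap-around."""
    return (cur - prev) % SEQ_MOD


def find_shared_macs(frames, min_anomalies=3):
    """frames: iterable of (timestamp, source_mac, seq) in capture order.

    Returns {mac: anomaly_count} for every source MAC whose sequence numbers
    jumped implausibly at least min_anomalies times. A single jump is ignored
    because a station that re-associates or reboots restarts its counter.
    """
    last_seq = {}
    anomalies = defaultdict(int)
    for _ts, mac, seq in frames:
        mac = mac.lower()
        if mac in last_seq:
            gap = forward_gap(last_seq[mac], seq)
            # gap == 0 is a retransmission, a small gap is a missed frame;
            # anything larger suggests a second counter behind the same MAC.
            if gap > MAX_FORWARD_GAP:
                anomalies[mac] += 1
        last_seq[mac] = seq
    return {mac: n for mac, n in anomalies.items() if n >= min_anomalies}


# Constructed sample capture: the first station wraps its counter normally,
# the second address is used by two transmitters with separate counters.
SAMPLE_FRAMES = [
    (0.00, "00:11:22:33:44:55", 4094),
    (0.01, "00:11:22:33:44:55", 4095),
    (0.02, "00:11:22:33:44:55", 0),
    (0.03, "00:11:22:33:44:55", 3),      # two frames missed by the sensor
    (0.10, "02:00:00:AA:BB:CC", 100),
    (0.11, "02:00:00:AA:BB:CC", 2500),
    (0.12, "02:00:00:AA:BB:CC", 101),
    (0.13, "02:00:00:AA:BB:CC", 2501),
    (0.14, "02:00:00:AA:BB:CC", 102),
]

if __name__ == "__main__":
    for mac, count in find_shared_macs(SAMPLE_FRAMES).items():
        print(f"{mac}: {count} sequence-number anomalies, possible shared MAC")
```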

