[kismac] Re: managed but not encrypted ap?

  • From: devnullian@xxxxxxx
  • To: kismac@xxxxxxxxxxxxx
  • Date: Fri, 12 May 2006 21:23:05 +0500

Another option, which also protects you from some vulnerabilities in the way OS X selects networks to join (look for "karma" wireless attack tools on the web), is to remove all preferred networks from the list using system prefs, then use spoofmac when you start OS X, BEFORE joining a network.
Since the KisMAC developers seem to have done a much better job of reloading airport drivers with the system running, maybe this could be a feature request? Hopefully this could be done with a simple regexp (to change the airport driver in hex as described in "the hard way" link on trac) and a driver reload. But I also know that humans must sleep sometime (though Geoff seems superhuman at times...), so maybe not...
On May 12, 2006, at 8:03 PM, John Warren wrote:

I have found many times that spoofmac works best (read = actually only
works) if I turn off my airport, restart, run spoofmac, turn on
airport, use with new mac address.  Then I restart and it will return
to normal address.

On 5/12/06, SG <sub.genius@xxxxxxxxxxx> wrote:

Robin L Darroch wrote:

>> What does it mean when I scan a network that has no WEP or WPA
>> encryption ("NO" in encryption column) but is still a "managed" AP and
>> therefore unwilling to accept unencrypted connections? And how would I
>> go about testing this AP's resilience to attack?
> "Managed" simply means it is controlled by a central access point, as
> opposed to "ad hoc" (which is essentially a wireless peer-to-peer
> network set up between two or more computers without a central access
> point). "Managed" has nothing to do with whether connections need to
> be encrypted. If it is unencrypted but won't accept an attempt to
> connect, then most likely the reason is that it has a restricted list
> of MAC addresses (i.e. the hardware address of network cards) which
> the access point will allow to connect. This is a very insecure way
> of doing things, because it's easy to monitor the network traffic
> using a utility like KisMAC, then either just steal what you want out
> of the unencrypted traffic you capture, or - for the more technically
> advanced - fake your own MAC address to match one of the adapters
> allowed on the network, and join using the fake MAC address.

If you want to try to spoof your MAC address, you can do this with a utility called spoofmac for airport extreme cards.
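Added example, not part of the original thread and not KisMAC code: the "managed" and "NO" encryption values discussed above can both be derived from the Capability Information field and tagged elements of an 802.11 beacon, and they are independent of each other. The function names `classify_beacon` and `sample_beacon` are hypothetical, and the frames are constructed test data with a made-up BSSID.

```python
import struct

# Capability Information bits from IEEE 802.11 beacons and probe responses
ESS, IBSS, PRIVACY = 0x0001, 0x0002, 0x0010
WPA_VENDOR = bytes.fromhex("0050f201")  # Microsoft OUI + type 1 marks a WPA element

def classify_beacon(frame: bytes) -> dict:
    """Classify a raw beacon/probe response (no radiotap header, no FCS)."""
    if len(frame) < 36:
        raise ValueError("too short for header plus fixed fields")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (5, 8):
        raise ValueError("not a beacon or probe response")
    # 24-byte header, 8-byte timestamp, 2-byte interval, then capabilities
    (capab,) = struct.unpack_from("<H", frame, 34)
    ssid, rsn, wpa = "", False, False
    pos = 36
    while pos + 2 <= len(frame):  # walk the tagged elements
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + length]
        if len(body) < length:
            break  # truncated element: stop rather than misparse
        if tag == 0:
            ssid = body.decode("utf-8", "replace")
        elif tag == 48:
            rsn = True
        elif tag == 221 and body[:4] == WPA_VENDOR:
            wpa = True
        pos += 2 + length
    mode = "managed" if capab & ESS else "ad hoc" if capab & IBSS else "unknown"
    if not capab & PRIVACY:
        enc = "NO"
    elif rsn or wpa:
        enc = "WPA2" if rsn else "WPA"
    else:
        enc = "WEP"
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])
    return {"bssid": bssid, "ssid": ssid, "mode": mode, "encryption": enc}

def sample_beacon(ssid: str, capab: int, elements: bytes = b"") -> bytes:
    """Build a constructed test beacon; the BSSID is a made-up local address."""
    bssid = bytes.fromhex("020000000001")
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, capab)
    return header + fixed + bytes([0, len(ssid)]) + ssid.encode() + elements

if __name__ == "__main__":
    print(classify_beacon(sample_beacon("office", ESS)))
    print(classify_beacon(sample_beacon("laptop", IBSS | PRIVACY)))
    print(classify_beacon(sample_beacon("lab", ESS | PRIVACY, bytes([48, 2, 1, 0]))))
```

A MAC allow-list is enforced by the access point when a client tries to associate and is not advertised in the beacon, so an AP that filters by MAC still classifies here as managed with encryption "NO".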
