RE: kismet session

From: Todd Towles (toddtowles@brookshires.com)
Date: Wed Aug 18 2004 - 13:29:31 EDT


Jerry is right. As it hops you miss packets. But Jacob stated to me that
he was having the same problem in ethereal on the WF interface.
Therefore I think he has a bigger problem than just channel-hopping.

Airsnort and Kimset both channel and you will see the amounted of
captured traffice once you lock on to a given channel.
 

-----Original Message-----
From: Jerry Shenk [mailto:jshenk@decommunications.com]
Sent: Tuesday, August 17, 2004 5:44 PM
To: pen-test@securityfocus.com
Subject: RE: kismet session

Are you channel-hopping? If so, you might want to turn that off while
you're interested in something specific. The channel-hopping is best
for finding APs but once you have a particular one that you're trying to
collect data from, it's best to lock Kismet to that single channel so
you don't hop off and miss packets.

-----Original Message-----
From: Jacob Uecker [mailto:jacob@juecker.net]
Sent: Monday, August 16, 2004 12:25 PM
To: pen-test@securityfocus.com
Subject: kismet session

I have a wireless environment that I'm trying to test and I'm having
problems seeing an entire wireless TCP session. When a wireless client
connect sends an e-mail, Kismet will only see the packets that are
traveling from the AP to the client, not from the client to the AP. I've
done this where everything is in the same room, so I know it's not an
out-of-range problem. The AP is a Cisco 1200AP and the client is running
XP with a Cisco 350 card. I'm using an Orinoco Gold card with Kismet.
I did notice that a Microsoft AP doesn't have this problem. And to add
further confusion, AirMagnet picks up the entire session on either AP.
I was wondering of someone out there had run into this type of problem
before.

Regards,
        Jacob Uecker

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:59 EDT