Networking Forums

kismet and encryption

 
 
not_real
Guest
Posts: n/a

 
      11-15-2003, 04:35 PM
Ok, here's my problem.
I'm trying to break my own WEP key as an exercise in determining how
secure WEP is (I know, it's insecure, but I want to see it for myself).

I'd like to monitor with kismet, and feed that to airsnort later,
because I like kismet better, and it affords me more info about what
people can see as far as statistics about my router and its users.

Just assume that I need to get kismet working with encrypted packets.

I can run kismet fine, it sees my network, it picks up my packets.

However, when I hit "i" to bring up more info on my router, it says I am
using WEP, and it logs LLC packets, but no Crypt. I have WEP turned on
on my router, and it is mandatory, and I'm successfully sending wireless
data from my other computer to the router.

I am using a Linksys BEFW11S4, with a prism2 card to capture
packets (Netgear MA401).

I've tried setting mangledatalog to true and false, fuzzycrypt=all (all
4 combinations of the two).

I don't really know what mangledatalog does though, but I tried both
options for both options of fuzzyencrypt.

Any ideas where to start? Any more information needed?
Would changing any settings on my router help? WEP is already enabled
and mandatory.

And sorry for the crossposting, but I wasn't sure where this belonged.
If there's another place this should have gone (instead of crossposted
between these two) let me know with minimal scolding please.


 
gary
Guest
Posts: n/a

 
      11-15-2003, 09:21 PM
Post to the Kismet forums if you want to reach people who use Kismet a lot.
I just gave it a quick glance. I found a thread that said that Prism2 cards
do not flag WEP in the frame header (this is incorrect behavior). So I guess
fuzzyencrypt tells Kismet to try to figure out if WEP is being used. It's
possible that the algorithm for doing that is not perfect.

Also, you know that you have to configure the key for Kismet, right? I don't
know how to do that. Check to see if your keylength is supported by Kismet
(if it's 152 or higher, it may not be). Also, I think you can specify
different keys based on MAC address range, since it's monitoring multiple
hosts, and each host can have a separate key (at least, the standard
supports this, although cheapo home/SOHO routers don't).

"not_real" <(E-Mail Removed)> wrote in message
news:9f4i81-(E-Mail Removed)...
> Ok, here's my problem.
> I'm trying to break my own WEP key as an exercise in determining how
> secure WEP is (I know, it's insecure, but I want to see it for myself).
>
> I'd like to monitor with kismet, and feed that to airsnort later,
> because I like kismet better, and it affords me more info about what
> people can see as far as statistics about my router and its users.
>
> Just assume that I need to get kismet working with encrypted packets.
>
> I can run kismet fine, it sees my network, it picks up my packets.
>
> However, when I hit "i" to bring up more info on my router, it says I am
> using WEP, and it logs LLC packets, but no Crypt. I have WEP turned on
> on my router, and it is mandatory, and I'm successfully sending wireless
> data from my other computer to the router.
>
> I am using a Linksys BEFW11S4, with a prism2 card to capture
> packets (Netgear MA401).
>
> I've tried setting mangledatalog to true and false, fuzzycrypt=all (all
> 4 combinations of the two).
>
> I don't really know what mangledatalog does though, but I tried both
> options for both options of fuzzyencrypt.
>
> Any ideas where to start? Any more information needed?
> Would changing any settings on my router help? WEP is already enabled
> and mandatory.
>
> And sorry for the crossposting, but I wasn't sure where this belonged.
> If there's another place this should have gone (instead of crossposted
> between these two) let me know with minimal scolding please.
>
>
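
The frame-header behaviour discussed in the post above can be shown with a short classifier. This is an added example, not part of the thread and not Kismet's or airsnort's code: it reads the Protected (WEP) bit from the 802.11 Frame Control field and, when that bit is clear, falls back to an assumed payload heuristic (no LLC/SNAP header, Key ID pad bits zero). The function names and the sample frames are constructed for illustration.

```python
from collections import Counter

# IEEE 802.11 Frame Control values used below
TYPE_MGMT, TYPE_DATA = 0, 2
TO_DS, FROM_DS, PROTECTED = 0x01, 0x02, 0x40   # bits of the second FC octet
LLC_SNAP = b"\xaa\xaa\x03"                     # start of a cleartext payload

def classify(frame: bytes, fuzzy: bool = True) -> str:
    """Label one raw 802.11 frame (no capture header, no trailing FCS)."""
    if len(frame) < 2:
        return "short"
    fc0, flags = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if ftype != TYPE_DATA:
        return "mgmt" if ftype == TYPE_MGMT else "ctrl"
    hdr = 24
    if flags & TO_DS and flags & FROM_DS:
        hdr += 6                               # four-address format
    if subtype & 0x8:
        hdr += 2                               # QoS Control field
    body = frame[hdr:]
    if subtype & 0x4 or not body:
        return "no-body"                       # null-function subtypes
    if flags & PROTECTED:
        return "crypt"                         # header says encrypted
    if body[:3] == LLC_SNAP:
        return "llc"                           # cleartext LLC/SNAP payload
    # Assumed heuristic: flag clear, payload is not LLC/SNAP, and the fourth
    # octet looks like a WEP Key ID octet (its six pad bits are zero).
    if fuzzy and len(body) > 8 and (body[3] & 0x3F) == 0:
        return "crypt-fuzzy"
    return "other"

def tally(frames, fuzzy=True):
    """Count frames per label, like a per-network packet summary."""
    return Counter(classify(f, fuzzy) for f in frames)

def mk(fc0, flags, body=b""):
    """Constructed frame: Frame Control + 22 zeroed header octets + body."""
    return bytes([fc0, flags]) + bytes(22) + body

WEP_BODY = bytes.fromhex("a1b2c300" "9f3c5577e0124b8d6a")  # IV, Key ID, made-up data
SAMPLE = [                                     # constructed, not captured
    mk(0x80, 0x00, bytes(12)),                 # beacon
    mk(0x08, TO_DS, LLC_SNAP + bytes.fromhex("0000000800") + b"ip"),
    mk(0x08, TO_DS | PROTECTED, WEP_BODY),     # WEP, flag set
    mk(0x08, TO_DS, WEP_BODY),                 # WEP, flag missing
    mk(0x48, TO_DS),                           # null function, no payload
]
```

Calling `tally(SAMPLE, fuzzy=False)` counts the unflagged WEP frame as `other` rather than encrypted, which is the kind of undercount a capture source that omits the flag would produce.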



 
not_real
Guest
Posts: n/a

 
      11-16-2003, 10:47 PM
On 2003-11-15, gary <(E-Mail Removed)> wrote:
> Post to the Kismet forums if you want to reach people who use Kismet a lot.
> I just gave it a quick glance. I found a thread that said that Prism2 cards
> do not flag WEP in the frame header (this is incorrect behavior). So I guess
> fuzzyencrypt tells Kismet to try to figure out if WEP is being used. It's
> possible that the algorithm for doing that is not perfect.
>


I have seen this, but I thought fuzzyencrypt was supposed to fix it.
How then, does airsnort interpret encrypted packets just fine?


> Also, you know that you have to configure the key for Kismet, right? I don't
> know how to do that. Check to see if your keylength is supported by Kismet


I don't know what you mean by this... I'm assuming that I don't know the
key to my WEP (though I do) and I'm trying to crack it to see how secure
it is. I can read about how secure it is, but that's not very helpful,
and I want to see how it's done with kismet+airsnort, not just airsnort
 
gary
Guest
Posts: n/a

 
      11-17-2003, 01:51 AM
Kismet doesn't crack keys. It is not a cracking tool. Read the feature list
at:

http://www.kismetwireless.net

Cracking is not anywhere on it.

"not_real" <(E-Mail Removed)> wrote in message
news:ejel81-(E-Mail Removed)...
> On 2003-11-15, gary <(E-Mail Removed)> wrote:
> > Post to the Kismet forums if you want to reach people who use Kismet a lot.
> > I just gave it a quick glance. I found a thread that said that Prism2 cards
> > do not flag WEP in the frame header (this is incorrect behavior). So I guess
> > fuzzyencrypt tells Kismet to try to figure out if WEP is being used. It's
> > possible that the algorithm for doing that is not perfect.
> >
>
> I have seen this, but I thought fuzzyencrypt was supposed to fix it.
> How then, does airsnort interpret encrypted packets just fine?
>
>
> > Also, you know that you have to configure the key for Kismet, right? I don't
> > know how to do that. Check to see if your keylength is supported by Kismet
>
> I don't know what you mean by this... I'm assuming that I don't know the
> key to my WEP (though I do) and I'm trying to crack it to see how secure
> it is. I can read about how secure it is, but that's not very helpful,
> and I want to see how it's done with kismet+airsnort, not just airsnort



 
gary
Guest
Posts: n/a

 
      11-17-2003, 02:19 AM
Check out

http://www.kismetwireless.net/Forum/...1912132.684182

Does this sound like your problem?

"not_real" <(E-Mail Removed)> wrote in message
news:ejel81-(E-Mail Removed)...
> On 2003-11-15, gary <(E-Mail Removed)> wrote:
> > Post to the Kismet forums if you want to reach people who use Kismet a lot.
> > I just gave it a quick glance. I found a thread that said that Prism2 cards
> > do not flag WEP in the frame header (this is incorrect behavior). So I guess
> > fuzzyencrypt tells Kismet to try to figure out if WEP is being used. It's
> > possible that the algorithm for doing that is not perfect.
> >
>
> I have seen this, but I thought fuzzyencrypt was supposed to fix it.
> How then, does airsnort interpret encrypted packets just fine?
>
>
> > Also, you know that you have to configure the key for Kismet, right? I don't
> > know how to do that. Check to see if your keylength is supported by Kismet
>
> I don't know what you mean by this... I'm assuming that I don't know the
> key to my WEP (though I do) and I'm trying to crack it to see how secure
> it is. I can read about how secure it is, but that's not very helpful,
> and I want to see how it's done with kismet+airsnort, not just airsnort



 
Luke
Guest
Posts: n/a

 
      11-17-2003, 02:47 AM
On 2003-11-17, gary <(E-Mail Removed)> wrote:
> Kismet doesn't crack keys. It is not a cracking tool. Read the feature list
> at:
>
> http://www.kismetwireless.net
>
> Cracking is not anywhere on it.


Of course not. Never said it did. In fact, I said, as you can see
below, that I want to use "kismet+airsnort". Please read closely. I
want to capture encrypted packets with kismet though, and it's not
capturing packets and marking them encrypted correctly. It's also not
picking up on weak packets, but I can deal with that after I understand
why it's not logging encrypted.

>> and I want to see how it's done with kismet+airsnort, not just airsnort



--
Luke StClair
(E-Mail Removed)
PGP key: http://www.students.uiuc.edu/~clairst
 
not_real
Guest
Posts: n/a

 
      11-17-2003, 02:57 AM
On 2003-11-17, gary <(E-Mail Removed)> wrote:
> Checkout
>
> http://www.kismetwireless.net/Forum/...1912132.684182
>
> Does this sound like your problem?
>


A little bit, possibly. I don't know if kismet saw packets as encrypted
(probably not, since he said he had to save the whole dump file). Of
course, there's no answer there.

But I will try to load my dump files into airsnort and see what it makes
of it.
 
gary
Guest
Posts: n/a

 
      11-17-2003, 03:01 AM
As in previous post, please see

http://www.kismetwireless.net/Forum/...1912132.684182

"Luke" <(E-Mail Removed)> wrote in message
news:44tl81-(E-Mail Removed)...
> On 2003-11-17, gary <(E-Mail Removed)> wrote:
> > Kismet doesn't crack keys. It is not a cracking tool. Read the feature list
> > at:
> >
> > http://www.kismetwireless.net
> >
> > Cracking is not anywhere on it.
>
> Of course not. Never said it did. In fact, I said, as you can see
> below, that I want to use "kismet+airsnort". Please read closely. I
> want to capture encrypted packets with kismet though, and it's not
> capturing packets and marking them encrypted correctly. It's also not
> picking up on weak packets, but I can deal with that after I understand
> why it's not logging encrypted.
>
> >> and I want to see how it's done with kismet+airsnort, not just airsnort
>
>
> --
> Luke StClair
> (E-Mail Removed)
> PGP key: http://www.students.uiuc.edu/~clairst



 
not_real
Guest
Posts: n/a

 
      11-17-2003, 03:28 AM
On 2003-11-17, gary <(E-Mail Removed)> wrote:
> As in previous post, please see
>
> http://www.kismetwireless.net/Forum/...1912132.684182
>


How does this link help?

I told you that I saw that link, and that it didn't have an answer, and
that it may or may not be a similar problem.

I don't know if that's a prism2 card. And airsnort picks up on things
just fine for me, and kismet doesn't list any weak IVs like the
poster's configuration does.

What am I missing here? Why does this apply at all?
 
h0e
Guest
Posts: n/a

 
      11-18-2003, 01:01 PM
On Sat, 15 Nov 2003 17:35:51 +0000, not_real wrote:

[snip]

I have let kismet run in an area of a known AP. It had run over 38 hours.
Not 1 encrypted packet, all beacon frames. A few days later I did the same
thing, it ran maybe 3 hours and picked some up. Maybe the network you are
scanning just isn't sending any encrypted packets, period. Even airsnort
can run a long time and gather none. Depends on the load of the network
you're scanning.
Gl


 