Scanner WPA / WEP

Hi,
does it exist a software netstumbler-like or airopeek-like that recognize
the encription method of a wireless network?
I know that KISMET is able to do in LINUX
Do you kwow something for WIN?
Tnx

On Sat, 24 Dec 2005 19:21:23 +0100, "Alessandro P."
<(E-Mail Removed)> wrote:

>does it exist a software netstumbler-like or airopeek-like that recognize
>the encription method of a wireless network?
>I know that KISMET is able to do in LINUX
>Do you kwow something for WIN?

Nope. One problem is putting the Windoze card into promiscuous mode
for passive sniffing. Netstumbler is an active sniffer (it sends
probe packets), while Kismet is a passive sniffer (it just listens).
Netstumbler could easily be tweaked to display the encryption method,
but development has apparently stopped.

However, all is not lost. Two suggestions. Look into Kismet_drone
for the WRT54G.
http://www.kismetwireless.net
http://toys.lerdorf.com/archives/20-...ys-WRT54G.html
and use the router for a sniffer. Note that the WRT54G will run from
12VDC from the cigarette lighter or a battery pack:
http://www.ck3k.org/gal/wrt/
This is overkill:
http://hackerpimps.com/wrtzilla.jpg

On the same site are instructions for how to compile and run Kismet
under Cygwin on Windoze. I run Cygwin here, but have never bothered
to try Kismet. The instructions look, well... messy. Let me know if
it works for you.

Also see:
http://www.churchofwifi.org/Project_index.asp
Look for multiple Kismet on Windoze instructions.



--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

"Alessandro P." <(E-Mail Removed)> wrote:
>does it exist a software netstumbler-like or airopeek-like that recognize
>the encription method of a wireless network?

I'm not sure any of them can tell the difference between WEP and
WPA-TKIP, as they are essentially the same, just that WPA-TKIP changes
the keys every once in a while.

On Sat, 24 Dec 2005 17:33:16 -0500, William P.N. Smith
<(E-Mail Removed)> wrote:

>"Alessandro P." <(E-Mail Removed)> wrote:
>>does it exist a software netstumbler-like or airopeek-like that recognize
>>the encription method of a wireless network?

>I'm not sure any of them can tell the difference between WEP and
>WPA-TKIP, as they are essentially the same, just that WPA-TKIP changes
>the keys every once in a while.

There's considerable detectable differences between WEP and WPA.
The shared key went from 40 or 104 bits to 128 bits. The
initialization vector went from 24 bits to 48 bits. A replay
protection field was added. WPA also added an Integrity Check Value
field. These can all be easily detected without decryption.

Maybe this will help:

Feature WEP WPA WPA2
Cipher RC-4 RC-4 AES
Key length bits 40 or 104 128 128
Authentication None 64 64
IV size bits 24 48 48
Per-frame key Concatenated Mixing Not needed
Integrity CRC-32 ICV MIChael CCM
Header integrity None MIChael CCM
Replay protect None IV sequence IV sequence
Key mgmt Static shared 802.1x/PSK 802.1x/PSK

Stolen from Embedded Computing Design magazine Sept 2005, p152 with
corrections and edits by me.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Nice table, thx

Jeff Liebermann skrev:

> On Sat, 24 Dec 2005 17:33:16 -0500, William P.N. Smith
> <(E-Mail Removed)> wrote:
>
>
>>"Alessandro P." <(E-Mail Removed)> wrote:
>>
>>>does it exist a software netstumbler-like or airopeek-like that recognize
>>>the encription method of a wireless network?
>
>
>>I'm not sure any of them can tell the difference between WEP and
>>WPA-TKIP, as they are essentially the same, just that WPA-TKIP changes
>>the keys every once in a while.
>
>
> There's considerable detectable differences between WEP and WPA.
> The shared key went from 40 or 104 bits to 128 bits. The
> initialization vector went from 24 bits to 48 bits. A replay
> protection field was added. WPA also added an Integrity Check Value
> field. These can all be easily detected without decryption.
>
> Maybe this will help:
>
> Feature WEP WPA WPA2
> Cipher RC-4 RC-4 AES
> Key length bits 40 or 104 128 128
> Authentication None 64 64
> IV size bits 24 48 48
> Per-frame key Concatenated Mixing Not needed
> Integrity CRC-32 ICV MIChael CCM
> Header integrity None MIChael CCM
> Replay protect None IV sequence IV sequence
> Key mgmt Static shared 802.1x/PSK 802.1x/PSK
>
> Stolen from Embedded Computing Design magazine Sept 2005, p152 with
> corrections and edits by me.
>

http://freshmeat.net/projects/aircrack/

This bundle can passive snif, identify, crack etc etc...

Airodump (included in that package) gives you a list of clients, AP,
rates, signalstrengths, AND tadaa, encryption.

/Christian Grüner
http://christiangruner.com

Alessandro P. skrev:

> Hi,
> does it exist a software netstumbler-like or airopeek-like that recognize
> the encription method of a wireless network?
> I know that KISMET is able to do in LINUX
> Do you kwow something for WIN?
> Tnx
>
>