Is there an easy way (similar to NetStumbler) to detect APs with SSID broadcast turned off? This seems to be a recurring problem, and this Xmas it's only going to get worse, as people get APs and set them up with last year's security paradigms...
I could live with a Live Linux CD, as Simply Mepis 3.3.1-1 seems to work on my laptop...
Yes, but you're going to have to live with (and enjoy) Linux. Most of the LiveCDs and floppies have Kismet included. The reason you don't find such a sniffer on Windoze is that the Windoze wireless card drivers intentionally have the promiscuous mode disabled or not implemented. There are ways of dealing with this under Windoze, but I'm not gonna say anything.
favorite (this week). Watch out for the ugly implementation of Intel wireless cards.
down to "wireless tools")
Trinux (from a floppy disk):
I and II only.
There are probably better incantations, such as those that will run from a bootable USB dongle or Compact Flash card. However, I'm lazy and just use the above.
Worked flawlessly, thanks! Yeah, I had to pick the right .ISO for the Intel 2200BG card, and there's some strangeness restarting GKismet, but reboots are pretty easy, if somewhat time-consuming. I can see networks when set to SSID broadcast off, which is really what I was looking for.
When I've got a lot of spare time I'll have to try breaking my WPA.