1. Home
  2. Wireless Networking
  3. Scanner WPA / WEP

Scanner WPA / WEP

Nope. One problem is putting the Windoze card into promiscuous mode for passive sniffing. Netstumbler is an active sniffer (it sends probe packets), while Kismet is a passive sniffer (it just listens). Netstumbler could easily be tweaked to display the encryption method, but development has apparently stopped.

However, all is not lost. Two suggestions. Look into Kismet_drone for the WRT54G.

formatting link
formatting link
use the router for a sniffer. Note that the WRT54G will run from

12VDC from the cigarette lighter or a battery pack:
formatting link
is overkill:
formatting link
On the same site are instructions for how to compile and run Kismet under Cygwin on Windoze. I run Cygwin here, but have never bothered to try Kismet. The instructions look, well... messy. Let me know if it works for you.

Also see:

formatting link
Look for multiple Kismet on Windoze instructions.

Reply to
Jeff Liebermann
Loading thread data ...

I'm not sure any of them can tell the difference between WEP and WPA-TKIP, as they are essentially the same, just that WPA-TKIP changes the keys every once in a while.

Reply to
William P.N. Smith

Hi, does it exist a software netstumbler-like or airopeek-like that recognize the encription method of a wireless network? I know that KISMET is able to do in LINUX Do you kwow something for WIN? Tnx

Reply to
Alessandro P.

There's considerable detectable differences between WEP and WPA. The shared key went from 40 or 104 bits to 128 bits. The initialization vector went from 24 bits to 48 bits. A replay protection field was added. WPA also added an Integrity Check Value field. These can all be easily detected without decryption.

Maybe this will help:

Feature WEP WPA WPA2 Cipher RC-4 RC-4 AES Key length bits 40 or 104 128 128 Authentication None 64 64 IV size bits 24 48 48 Per-frame key Concatenated Mixing Not needed Integrity CRC-32 ICV MIChael CCM Header integrity None MIChael CCM Replay protect None IV sequence IV sequence Key mgmt Static shared 802.1x/PSK 802.1x/PSK

Stolen from Embedded Computing Design magazine Sept 2005, p152 with corrections and edits by me.

Reply to
Jeff Liebermann

Nice table, thx :)

Jeff Liebermann skrev:

Reply to
Christian Grü

formatting link
This bundle can passive snif, identify, crack etc etc...

Airodump (included in that package) gives you a list of clients, AP, rates, signalstrengths, AND tadaa, encryption.

/Christian Grüner

formatting link
Alessandro P. skrev:

Reply to
Christian Grü

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.