Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wireless Recon with NetStumbler

From: anindya <anindya () goonda org>
Date: Fri, 17 Aug 2001 17:52:10 -0400 (EDT)
Hi Mark,

        I'm not sure about your specific problem with Netstumbler,
however I do know that _generally_ when a 802.11b card is put
into monitor mode you are not allowed to transmit, only passively
recieve. Perhaps the application is dying for this reason --
putting the card into monitor mode after already being associated
and authenticated confuses the firmware? I usually leave the
card in monitor mode until I find a desirable AP, then pop
it out and back in, and _then_ attempt to access the network.

I do know that the Lucent drivers have fubared by win2k system
on a number of occassions, rebooting and reinstalling drivers
is the only solution I have found. I'd recommend using the
Cisco Aironets or a Prism2-based chipset (SMC, D-link,
Compaq, etc) under Linux/BSD for your wardriving efforts;
the drivers, although evolving, seem to be more well-behaved
and complete than under Win2k.

--Anindya


On Thu, 16 Aug 2001, Adams, Mark wrote:


We are attempting to perform wireless recon for a client but we are having
trouble using NetStumbler.  We have an Orinoco Gold NIC with legit WEP keys
(provided by the client).  We connect to the AP and continue to login to the
NT domain as normal.  We can browse the network all around no problem.  We
start Netstumbler and it gets the closest AP that we are close to and then
the NIC dies.  All connectivity is lost.  Netstumbler still runs, but it
will not find any AP's (because the NIC is dead)
Stopping and restarting the PC Card, network service, or doing any ipconfig
command does not revive the NIC.  We must reboot.  The AP is a RoamAbout
from Enterasys Networks.

By the way, we do not have this problem at their other site.  Any ideas?


Mark Adams, CISSP
markadams () kpmg com




**********************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
**********************************************************************


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/




----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: