Full Disclosure mailing list archives

RE: WiFi question

From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 17 Nov 2004 16:03:40 -0600

If you want to do Kismet, get a Sharp Zaurus handheld and install
OpenZaurus. Been running Dsniff, Kismet and Nmap on my handheld.

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Dave King
Sent: Wednesday, November 17, 2004 10:52 AM
To: Colin.Scott () csplc com
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] WiFi question

As far as handheld devices to aid you in your quest go, there 
are several options.  If you've got a Pocket PC around you 
can try ministumbler, which is basically the Pocket PC 
version of netstumbler.  
It's free and would probably do most of what you want.  If 
you want more and you're willing to fork out some cash (I 
believe it's around $3000) AirMagnet can do some really cool 
stuff but it's probably overkill for you. 

If you're feeling brave and can get a hold of an Ipaq you can 
replace Windows with Familiar Linux (www.handhelds.org) and 
then install Kismet
(www.kismetwireless.net) which is a great free WiFi 
detecting/sniffing utility.  Kismet can even work with a gps 
reciever and triangulate the location of the access point 
(although gps systems don't tend to work well in buildings).  
This option is what I use since I could run it on an Ipaq I 
picked up off Ebay cheap and has all the features I need, 
plus it's free.

Laters,
Dave King
http://www.thesecure.net

Colin.Scott () csplc com wrote:

List,

I'm an expert in nothing so when I saw this I had to ask, as Im sure 
theres someone out there that is a WiFi expert.

Google has found no answer so here goes.

Last night we saw a new access point appear. No problems its

an ad-hoc

network so its someone's machine with XP on configured for

their home

W-LAN probably.  Running Netstumbler shows more on it though.

You get 2 Access Points showing this ESSID for a few

seconds. Then you

get a 3rd, then a 4rth. Then the first two drop off, this

repeats forever.

Always using a different MAC address when a new AP appears.

The APs are

all WEP enabled (which I cant crack cos I dont have the savvy or the 
tools :) ) and this goes on forever.

The MACs are all from different pools (i.e. assigned to different
manufacturers) so the only conclusion is that they are all

spoofed MACs.


I have walked around the office and as far as I can tell its coming 
from this office (the IT dept), basing that assumption on

signal strength.


Anyone seen any tools that do this?   I would love a little hand-held
gadget that would help me find it (like the scanner in Alien!)

Answers on a post card :)

Colin.





*************************************************************

**********

***************

This e-mail is confidential and may contain privileged

information.  If

you are not the addressee or if you have received the e-mail

in error,

it may be unlawful for you to read, copy, distribute, disclose or 
otherwise use the information which it contains.  Under these 
circumstances, please notify us immediately by returning

this mail to

'mailerror () csplc com' and deleting this e-mail from your system.

Any views expressed by an individual within this e-mail do not 
necessarily reflect the views of Cadbury Schweppes Plc or its 
subsidiaries.  Cadbury Schweppes Plc will not be bound by

any agreement

entered into as a result of this email, unless its intention

is clearly evidenced in the body of the email.

Whilst we have taken reasonable steps to ensure that this e-mail and 
attachments are free from viruses, recipients are advised to subject 
this mail to their own virus checking, in keeping with good

computing

practice. Please note that email received by Cadbury

Schweppes Plc or

its subsidiaries may be monitored in accordance with the

prevailing law in the United Kingdom.


*************************************************************

**********

***************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: WiFi question, (continued)
- Re: WiFi question Dave King (Nov 17)
- RE: WiFi question Lachniet, Mark (Nov 17)
  - Re: WiFi question GuidoZ (Nov 17)
  - RE: WiFi question Paul Schmehl (Nov 18)
    - RE: WiFi question Paul Schmehl (Nov 19)
    - Re: WiFi question Esmond (Nov 19)
    - RE: WiFi question Ake Nordin (Nov 21)
    - RE: WiFi question Paul Schmehl (Nov 22)
    - RE: WiFi question Ron DuFresne (Nov 22)
    - RE: WiFi question Colin . Scott (Nov 23)
- RE: WiFi question Todd Towles (Nov 17)
- RE: WiFi question Todd Towles (Nov 17)
- RE: WiFi question Lachniet, Mark (Nov 18)
- RE: WiFi question Todd Towles (Nov 19)