RE: kismet session

["Jerry Shenk" <jshenk () decommunications com>]

Are you channel-hopping?  If so, you might want to turn that off while
you're interested in something specific.  The channel-hopping is best
for finding APs but once you have a particular one that you're trying to
collect data from, it's best to lock Kismet to that single channel so
you don't hop off and miss packets.

-----Original Message-----
From: Jacob Uecker [mailto:jacob () juecker net] 
Sent: Monday, August 16, 2004 12:25 PM
To: pen-test () securityfocus com
Subject: kismet session


I have a wireless environment that I'm trying to test and I'm having
problems seeing an entire wireless TCP session.  When a wireless client
connect sends an e-mail, Kismet will only see the packets that are
traveling from the AP to the client, not from the client to the AP. I've
done this where everything is in the same room, so I know it's not an
out-of-range problem. The AP is a Cisco 1200AP and the client is running
XP with a Cisco 350 card.  I'm using an Orinoco Gold card with Kismet.
I did notice that a Microsoft AP doesn't have this problem.  And to add
further confusion, AirMagnet picks up the entire session on either AP.
I was wondering of someone out there had run into this type of problem
before.

Regards,
        Jacob Uecker