Snort mailing list archives
Re: Taking Down Wifi
From: Martin Roesch <roesch () sourcefire com>
Date: Wed, 29 Aug 2007 10:17:17 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's a known bug on MBP's. For what it's worth, it happens to me on my MBP too and I curse it mightily whenever I forget and start a sniffer on the wireless interface by accident. From the wireshark lists: http://www.mail-archive.com/wireshark-users () wireshark org/msg00803.html Apple uses Snort internally, maybe I can lob a query in there and they'll leap into action. (And maybe Steve Jobs will give me a personal call to thank me. I can always dream....) -Marty On Aug 29, 2007, at 9:32 AM, Quantum Scientific wrote:
I've turned off promiscuous. Same problem. Gotta ditch Snort. On 29 Aug, 2007, at 04:06, Dev Null wrote:I have no idea :(. All I know is that passive sniffing and being connected at the same time just do not work.Kismet and company switch channels in order to scan, which automatically drops you from whatever AP you were connected to on the (now) old channel. Not sure why just firing up snort would drop AP. I suspect the driver sees the card is now in promiscuous mode and decides it needs to reset the card / AP association. Kinda weird. I do wifi sniffing w/ snort and kismet all the time. Kismet drops AP as expected. Snort never does. --------------------------------------------------------------------- ---- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users---------------------------------------------------------------------- --- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
- -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Security for the Real World - http://www.sourcefire.com Snort: Open Source IDP - http://www.snort.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) iD8DBQFG1X/uqj0FAQQ3KOARAudVAJ0eEB1TOmpfI6KA7nvhvR1SLJ1MIQCbBHmo R7IBYFlzZu63biNXcdGfsbQ= =h9FT -----END PGP SIGNATURE----- ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Taking Down Wifi Quantum Scientific (Aug 28)
- Re: Taking Down Wifi Jason Brvenik (Aug 28)
- Re: Taking Down Wifi Quantum Scientific (Aug 28)
- Re: Taking Down Wifi James Lay (Aug 28)
- Re: Taking Down Wifi Quantum Scientific (Aug 28)
- Re: Taking Down Wifi James Lay (Aug 28)
- Re: Taking Down Wifi Dev Null (Aug 29)
- Re: Taking Down Wifi Quantum Scientific (Aug 29)
- Re: Taking Down Wifi Martin Roesch (Aug 29)
- Re: Taking Down Wifi Quantum Scientific (Aug 28)
- Re: Taking Down Wifi Jason Brvenik (Aug 28)