
Re: [Karlnet] Kismet

To: karlnet@WISPNotes.com
Subject: Re: [Karlnet] Kismet
From: Chris Conn <cconn@abacom.com>
Reply-to: karlnet@WISPNotes.com
Date: Tue, 24 Sep 2002 10:39:29 -0400
List-post: <mailto:karlnet@WISPNotes.com>
Travis Brown wrote:
I saw some disturbing text on the Kismet list about the author(s) beginning to receive info from Kismet users about Karlnet including packet dumps containing Karlnet traffic.

Apparently, they are going to push now to identify and decode Karlnet packets along with regular WiFi traffic. So far, from what I've seen, it won't be too hard, as a Linux-head friend of mine was able to decode the names of all of my Karlnet bases (SSIDs) and dig into the packets for info.

Does this bother anyone besides me?

Travis


Hello,

This should not really bother you any more than it did yesterday, since it has always been possible to do this, even with a Windows PC. You don't need many fancy tools to do this, just a few keys to tweak in the Windows registry, use Ethereal as a protocol analyser and use the standard Orinoco driver (that's right, no need to get a Karlnet NDIS license). I can easily sniff with a Windows95 machine given about 20 minutes of setup time.

I would say that the average script kiddy or wardriver will not succeed since it is not as easy as simply downloading netstumbler. Also, Ethereal is not too good at seeing the packet headers due to the bizarre size (superpacket aggregation), however most of the cleartext is visible when you scroll between packets. You can easily see HTTP transactions, POP3 usernames and passwords, etc etc. You just need to be a little more patient than your 802.11b counterparts.

We have always used WEP even though Karlnet has sustained that nobody does, and we have also been using the 8.10 Orinoco firmware since it includes the "weak wep key" avoidance, that is better than nothing. Too bad the 4.0 kernels now load tertiary firmware, you drop back to 7.52 and lose this functionality... It would be nice to see 8.10 in an eventual 4.x release (Doug?)

It would also be nice to see some sort of dynamic WEP keying like 802.1x???

Everyone I talked to, some on this list, have always lived in a world where Karlnet was proprietary therefore secure. Sorry folks but it is not as secure as some believe, without the proper measures.

Just my 0.02$,

Chris

