Auditor - Wep Crack - Airodump/Aircrack Qs
I am using the latest version of Auditor to hack into my wireless network (I use a Linksys WRT54GS with a 128bit WEP key) and want derive my own WEP key with sniffing IVs and using aircrack. I chose to use a Prism card, Linksys WPC 11 v. 3. The CD runs well and the card is detected as either eth0 or eth1.
As I have been trying to put the card into monitor mode, an iwconfig always shows "managed mode". However, Kismet runs smoothly and so do airodump and aireplay. I usually switch-to-hostap before starting anything else.
Here is my usual konsole routine:
# iwpriv eth1 monitor 2 11
I also open kismet, and use the "Shift + L" key to lock my card on my own BSSID, then close kismet.
# airodump eth1 cap1 <MAC ADDRESS OF MY BSSID>
Airodump collects packets including IVs corretly. When I launch aircrack 2.1 (aircrack -m <MAC ADDRESS OF MY BSSID> -n 64 -q 3 cap*.cap), the number of "unique IVs" is always less than what Airodump collects (only about one third of Airodump IVs are considered "unique IVs" by aircrack. How come? Is it a matter of drivers? Should I start over with the wlanng driver instead?
I once colleted about 800,000 IVs on Airodump (about 3 million packets) and Airodump started giving me a "cannot write" error. I believe it is because it was running out of space to write the file, since it is not using the hard drive. Auditor was then becoming to be buggy and very slow and I had to restart it and lost the data collected.
Please offer advice.
Thank you for your help,