suspicion about scanning for wireless (ndiswrapper) and router with hide essid on
Linux - Wireless NetworkingThis forum is for the discussion of wireless networking in Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
suspicion about scanning for wireless (ndiswrapper) and router with hide essid on
Does this return only access points with the same essid as you have set? Cause scannig with my essid set properly works and it lists my essid while if I disable my essid on the linux box it won't find anything.
So that means if I scan without essid and get no results it's because I'm using the wrong interface name or something? I'll try later as I can't disconnect as I'm trying to download a 1.2GB file again and it has failed too much the last few days.
If you scan without the ESSID set, and the ESSID broadcast is disabled on any in-range access point, you will get exactly what you've asked for - nothing.
The AP will still be visible to Kismet, etc., obviously.
Originally posted by 2Gnu If you scan without the ESSID set, and the ESSID broadcast is disabled on any in-range access point, you will get exactly what you've asked for - nothing.
Yes that's what I wanted to know
Quote:
The AP will still be visible to Kismet, etc., obviously.
Kismet? Is that a graphical manager or something? And then it won't show my essid I hope?
Kismet is a wifi detection and mapping tool. It will detect wireless access points and clients - regardless of essid broadcast disable/enable. It can, under some conditions, display the IP of the AP and the IP range of the client network, the manufacturer of the router, signal strength, wireless type & encryption status, longitude & latitude and the MAC addresses of the clients.
Quick lesson/rant on wireless misconceptions:
* SSID can't be kept secret, nor can the existance of an AP. It's a radio and once turned on, can be detected by anyone with an appropriate receiver.
* Beaconing of the SSID can be disabled, but the AP must respond with its SSID in response to a probe request. A listener can see the SSID when your client probes or if they initiate a probe.
* 802.11 controls are passed in cleartext. Regardless of any data encryption such as WEP, MAC address, IP address, etc. are available to anyone who wants them.
* That NetStumbler cannot see an AP with beaconing disabled is no indication of its stealth. It's very much like hiding by putting your hands over your eyes.
Originally posted by 2Gnu Kismet is a wifi detection and mapping tool. It will detect wireless access points and clients - regardless of essid broadcast disable/enable. It can, under some conditions, display the IP of the AP and the IP range of the client network, the manufacturer of the router, signal strength, wireless type & encryption status, longitude & latitude and the MAC addresses of the clients.
Quick lesson/rant on wireless misconceptions:
* SSID can't be kept secret, nor can the existance of an AP. It's a radio and once turned on, can be detected by anyone with an appropriate receiver.
* Beaconing of the SSID can be disabled, but the AP must respond with its SSID in response to a probe request. A listener can see the SSID when your client probes or if they initiate a probe.
* 802.11 controls are passed in cleartext. Regardless of any data encryption such as WEP, MAC address, IP address, etc. are available to anyone who wants them.
* That NetStumbler cannot see an AP with beaconing disabled is no indication of its stealth. It's very much like hiding by putting your hands over your eyes.
</rant>
Thanks for the lesson. Learned a few new things there. I asked cause I thought linux might have a bit more powerful or different programs that might see more than I was aware of. Now this seems to be nearly everything. Think I'll do my firewall tomorrow.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.