Hello all, this is my first post. I bought a wireless router and got interested in how secure it could get, so I went on an online safari to learn as much as possible about how a person could break into a wireless network. So here are some questions I have, hope someone will be able to answer me =) Correct me if I'm wrong on the following:
1-To sniff over a network, cable or wireless, you need to be connected to that network right? Because when the NIC is set to promiscuous mode it can see the packets only if it's connected to the network right? I'm still running some tests on that.
2-I've been told about frames. When you speak of frames it's the same thing as speaking of packets, right? And why can't I seem to find examples of a frame structure on the internet? Because I would like to be able to forge a frame, for example.
That second point is the most important for me I guess, since I'm writing a little Python program to forge some packets/frames (here's my confusion =o) to, for example, send a frame to disconnect a host that would be connected to my network.
Thanks for any help, knowledge is always helpful =)
Last edited by ex17; 02-25-2008 at 02:32 PM.
Reason: had one or two errors
1- well you need to define "connect" here... you can capture any wireless traffic in its encrypted state just by listening to the right channel, and any ethernet conversation by having electrical connectivity to the relevant wires. you need to understand things like ethernet switching to know what you should and shouldn't be able to see (go compare a hub and a switch)
2- a frame is the ethernet level entity, that contains an ip packet. you can easily see the structure of an 802.3 ethernet frame if you google for it. same for 802.11 wifi headers. you wouldn't make these yourself, as that's what the hardware does at its (almost) most basic level. if you wanted to go down to that level you're down to microchips and whatnot.
Last edited by acid_kewpie; 02-25-2008 at 03:30 PM.
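Added example, not part of either poster's message: a minimal Python parser that shows the frame/packet layering described in the reply above, where the 14-byte Ethernet header wraps an IPv4 packet. The function names and the sample frame are constructed for illustration, and the frame is assumed to arrive as a capture library delivers it, starting at the destination MAC.

```python
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame: bytes) -> dict:
    """Split a captured Ethernet frame into its header and the IPv4 packet inside."""
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte Ethernet header")
    # Header: 6-byte destination MAC, 6-byte source MAC, 2-byte type/length
    dst, src, type_len = struct.unpack("!6s6sH", frame[:14])
    result = {"dst_mac": fmt_mac(dst), "src_mac": fmt_mac(src),
              "type_len": type_len, "ip": None}
    payload = frame[14:]
    # Anything other than IPv4 (including 802.3 length values below 0x0600)
    # is returned with the payload left undecoded.
    if type_len != ETHERTYPE_IPV4:
        return result
    if len(payload) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s", payload[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("EtherType says IPv4 but version field disagrees")
    result["ip"] = {
        "header_len": (ver_ihl & 0x0F) * 4,
        "total_len": total_len,
        "ttl": ttl,
        "proto": proto,  # 1 = ICMP, 6 = TCP, 17 = UDP
        "src": str(ipaddress.IPv4Address(src_ip)),
        "dst": str(ipaddress.IPv4Address(dst_ip)),
    }
    return result

# Constructed sample: locally administered MACs, RFC 5737 documentation IPs,
# checksum left as 0 because this parser does not verify it.
SAMPLE_FRAME = (
    bytes.fromhex("020000000002" "020000000001" "0800")
    + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                  ipaddress.IPv4Address("192.0.2.10").packed,
                  ipaddress.IPv4Address("192.0.2.20").packed)
)

if __name__ == "__main__":
    print(parse_frame(SAMPLE_FRAME))
```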
Well, for example, I coded a little sniffer in Python, but when I'm plugged into my wireless network, because I know the key to log in, I sniff lots of packets, and I think that's pretty obvious since I'm connected to my network. But when I read on how aircrack worked I understood that it needs to have a large amount of packets to be able to crack the key. But the computer can't be connected to the network since supposedly the computer doesn't know the key (in my case I know since I'm trying to crack my own network). So what's the difference when performing a scan with this? If I just chose my wireless device to capture with, while in promiscuous mode, would it sniff something from a wlan?
here's my little code:
    import pcapy
    from impacket.ImpactDecoder import EthDecoder

    def decode_packets(hdr, data):
        # Decode the captured bytes as an Ethernet frame and print it
        var1 = EthDecoder().decode(data)
        print(var1)

    devs = pcapy.findalldevs()
    for val in devs:
        print(val)  # list the capture devices pcapy found
    dev = input("Select device: ")  # raw_input() on Python 2
Oh so wait a second, I was just re-reading your post acid_kewpie. Should I put here a function to define which channel I should listen on? And then I guess the program would start capturing wireless packets... Correct me if my logic is wrong =]