Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using the latest version of Auditor to hack into my wireless network (I use a Linksys WRT54GS with a 128bit WEP key) and want derive my own WEP key with sniffing IVs and using aircrack. I chose to use a Prism card, Linksys WPC 11 v. 3. The CD runs well and the card is detected as either eth0 or eth1.
As I have been trying to put the card into monitor mode, an iwconfig always shows "managed mode". However, Kismet runs smoothly and so do airodump and aireplay. I usually switch-to-hostap before starting anything else.
Here is my usual konsole routine:
# switch-to-hostap
# iwpriv eth1 monitor 2 11
I also open kismet, and use the "Shift + L" key to lock my card on my own BSSID, then close kismet.
# airodump eth1 cap1 <MAC ADDRESS OF MY BSSID>
Airodump collects packets including IVs corretly. When I launch aircrack 2.1 (aircrack -m <MAC ADDRESS OF MY BSSID> -n 64 -q 3 cap*.cap), the number of "unique IVs" is always less than what Airodump collects (only about one third of Airodump IVs are considered "unique IVs" by aircrack. How come? Is it a matter of drivers? Should I start over with the wlanng driver instead?
I once colleted about 800,000 IVs on Airodump (about 3 million packets) and Airodump started giving me a "cannot write" error. I believe it is because it was running out of space to write the file, since it is not using the hard drive. Auditor was then becoming to be buggy and very slow and I had to restart it and lost the data collected.
You'll definitely need somewhere to save temporary files and the like. Airodump does need a lot of space for storing of packets, as aircrack looks at the packets in a collective manner whereas airodump looks at them individually (as I understand it, anyway).
You'll definitely need somewhere to save temporary files and the like. Airodump does need a lot of space for storing of packets, as aircrack looks at the packets in a collective manner whereas airodump looks at them individually (as I understand it, anyway).
You've obviously never broken any WEP key before.
It doesn't need that much space and the current
version, by default, only stores the weak IVs.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.