[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kismet-wireless
Subject:    Detecting Netstumbler and others
From:       "Rick Farina" <sidhayn () buckeye-express ! com>
Date:       2002-05-30 16:20:37
[Download RAW message or body]

It has often been talked about to detect netstumblers, but I haven't seen
any real progress on this other than looking for a no ssid with no channel.
I was wondering if anyone out there could make a kismet dump of netstumbler
in action.  Perhaps there are some signatures in the packets that can be
found and used to detect it.  I'd very much like to see this done.  Anyone
with kismet (tethereal) and netstumbler(ministumbler) please make a simple
dump of the work in progress.  I'd like to try to detect it based on the
probes alone, but try to get an association as well, maybe that will help.
Also, please use all versions of netstumbler (ministumbler) if possible.
Just label the dumps "Netstumbler 0.3.23.dump" or whatever.

Mike-  Could you add a "warn on detected ssid" with a full or partial match
on the name?  There is a police department by me and I'd like a special
warning when I see part of the ssid.  I'm trying to figure out if all the
cars have 802.11b as well.  Thanks.

-Rick Farina


"a false sense of security, is worse than insecurity" -Steve Gibson



[prev in list] [next in list] [prev in thread] [next in thread]