[MLB-WIRELESS] General Stumbling Query
Steve Smithies
steve42 at gmx.net
Mon Jun 16 14:23:25 EST 2003
Hi Alex and Melbwireless,
To the best of my knowledge, Netstumbler sends out a "hey, are there any APs
out there" message, and picks up on any responses. This'll get APs, and
ad-hoc nodes. Netstumbler doesn't actually see/display the traffic between
the AP and clients.
On Linux/Unix, there is a program called "Kismet" that passively monitors
traffic. It _doesn't_ send out anything to provoke a response, but monitors
everything passing by. Having said that, it tends to pick up most APs by
seeing their "beacon" frames which they send out advertising their presence.
I believe that APs can be set to not respond to the requests that
Netstumbler sends out, as well as disable the beacon frame thing, but since
Kismet puts the wireless network card into "promiscuous" mode and gathers
all the traffic that goes past, as soon as an AP is in use you discover the
APs, the clients, as well as being able to see the non-encrypted traffic
itself that goes between them.
More information about the Melbwireless
mailing list