Wireless sniffing

I have a question about sniffing on networks. I know that it is possible to
sniff on a wired network, even without an IP address, and i know it is
possible to sniff on an unencrypted or encrypted wireless network, but is it
possible for someone to have cracked my WEP key, sit on my network and sniff
or communicate on my network w/o an IP address? Using a wireless IDS
(kismet), i can see that my access point has packets going through the air,
even though my laptop is turned off. I checked in my linksys web-based
management page and there are no other MAC addresses assigned. someone
could be using a static IP, but can they be listening or communicating w/o
an IP address?

Thanks!
-matt

Matt wrote:

> I have a question about sniffing on networks. I know that it is possible
> to sniff on a wired network, even without an IP address, and i know it is
> possible to sniff on an unencrypted or encrypted wireless network, but is
> it possible for someone to have cracked my WEP key, sit on my network and
> sniff
> or communicate on my network w/o an IP address? Using a wireless IDS
> (kismet), i can see that my access point has packets going through the
> air,
> even though my laptop is turned off. I checked in my linksys web-based
> management page and there are no other MAC addresses assigned. someone
> could be using a static IP, but can they be listening or communicating w/o
> an IP address?

Yes, it is possible for someone to intercept your signal, without you
knowing about it and it's also possible to break WEP.

Matt schrieb:
> I have a question about sniffing on networks. I know that it is possible to
> sniff on a wired network, even without an IP address, and i know it is
> possible to sniff on an unencrypted or encrypted wireless network, but is it
> possible for someone to have cracked my WEP key, sit on my network and sniff
> or communicate on my network w/o an IP address? Using a wireless IDS
> (kismet), i can see that my access point has packets going through the air,
> even though my laptop is turned off. I checked in my linksys web-based
> management page and there are no other MAC addresses assigned. someone
> could be using a static IP, but can they be listening or communicating w/o
> an IP address?

At first, a wep key can be cracked after sniffing about 500.000
enmcrypted packets with unique IVs. You can see the kismet information
page on a WLAN to see some datails
If you have less packets it will take some time to crack the key.

The AP is constantly sending out broadcast packets like beacon frames.
They are not encrypted and so they don't help in decrypting the key.

Thomas

Matt wrote:
> I have a question about sniffing on networks. I know that it is possible to
> sniff on a wired network, even without an IP address, and i know it is
> possible to sniff on an unencrypted or encrypted wireless network, but is it
> possible for someone to have cracked my WEP key, sit on my network and sniff
> or communicate on my network w/o an IP address? Using a wireless IDS
> (kismet), i can see that my access point has packets going through the air,
> even though my laptop is turned off. I checked in my linksys web-based
> management page and there are no other MAC addresses assigned. someone
> could be using a static IP, but can they be listening or communicating w/o
> an IP address?
>
> Thanks!
> -matt
>
>

Wep is useless and can be cracked in 2 hours on a moderately used
network by a 10 year old with open source software.

Also, have you heard of a radio tower than can detect how many radios
are tuned into it?

"Coenraad Loubser" <c10u@ananzi.co.za> wrote in message
news:d45h5o$ca1$1@ctb-nnrp2.saix.net...
> Matt wrote:
>> I have a question about sniffing on networks. I know that it is possible
>> to sniff on a wired network, even without an IP address, and i know it is
>> possible to sniff on an unencrypted or encrypted wireless network, but is
>> it possible for someone to have cracked my WEP key, sit on my network and
>> sniff or communicate on my network w/o an IP address? Using a wireless
>> IDS (kismet), i can see that my access point has packets going through
>> the air, even though my laptop is turned off. I checked in my linksys
>> web-based management page and there are no other MAC addresses assigned.
>> someone could be using a static IP, but can they be listening or
>> communicating w/o an IP address?
>>
>> Thanks!
>> -matt
>
> Wep is useless and can be cracked in 2 hours on a moderately used network
> by a 10 year old with open source software.
>
> Also, have you heard of a radio tower than can detect how many radios are
> tuned into it?
>

I wouldn't say useless, but not as useful as i had thought. Basically, i
cracked my own WEP and because enough data went through the air to do this,
i want to know if anyone else cracked it.

Just curious, if its so useless, what would you use?

No i haven't heard of radio towers. I'm not sure how that's possible since
it's A) analog data B) nothing is sent from the radio, but enlighten me....

-matt

Matt wrote:
> "Coenraad Loubser" <c10u@ananzi.co.za> wrote in message
> news:d45h5o$ca1$1@ctb-nnrp2.saix.net...
>
>>Matt wrote:
>>
>>>I have a question about sniffing on networks. I know that it is possible
>>>to sniff on a wired network, even without an IP address, and i know it is
>>>possible to sniff on an unencrypted or encrypted wireless network, but is
>>>it possible for someone to have cracked my WEP key, sit on my network and
>>>sniff or communicate on my network w/o an IP address? Using a wireless
>>>IDS (kismet), i can see that my access point has packets going through
>>>the air, even though my laptop is turned off. I checked in my linksys
>>>web-based management page and there are no other MAC addresses assigned.
>>>someone could be using a static IP, but can they be listening or
>>>communicating w/o an IP address?
>>>
>>>Thanks!
>>>-matt
>>
>>Wep is useless and can be cracked in 2 hours on a moderately used network
>>by a 10 year old with open source software.
>>
>>Also, have you heard of a radio tower than can detect how many radios are
>>tuned into it?
>>
>
>
> I wouldn't say useless, but not as useful as i had thought. Basically, i
> cracked my own WEP and because enough data went through the air to do this,
> i want to know if anyone else cracked it.
>
> Just curious, if its so useless, what would you use?
>
> No i haven't heard of radio towers. I'm not sure how that's possible since
> it's A) analog data B) nothing is sent from the radio, but enlighten me....
>
> -matt
>
>
Heh heh heh, I was just emphasising the point that anyone with a normal
lan packet sniffer and an 802.11b/g client adapter can receive all the
packets sent out by any of the adapters on your lan, without
"associating" or "connecting" to any of them :D

sure, wep is enough to hold of amateurs

The better access points implement TKIP and 802.11X, which has a key
that changes rapidly and possiblity of an authentication server on the lan.


I hope that answers your questions.

So yes, it is possible for anyone to decode any traffic.

I would use ZIP files with long passwords to send sensitive information,
as a quick fix.

And ssl connections for pop and smtp, https for web

Actually, I do use that!

In comp.os.linux.networking Matt <matt@guest.com>:
> "Coenraad Loubser" <c10u@ananzi.co.za> wrote in message
> news:d45h5o$ca1$1@ctb-nnrp2.saix.net...
>> Matt wrote:
>>> I have a question about sniffing on networks. I know that it is possible

[ standard wlan security is just a joke ]

> I wouldn't say useless, but not as useful as i had thought. Basically, i
> cracked my own WEP and because enough data went through the air to do this,
> i want to know if anyone else cracked it.

> Just curious, if its so useless, what would you use?

Just use it and tunnel anything through a ssh (2), only allow ssh
on the wireless lan (iptables), nothing else, force key
authentication only. There shouldn't be much left for crackers
and they'll probably look out soon for some other wlan.

[..]

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 52: Smell from unhygienic janitorial staff wrecked
the tape heads

Matt wrote:

> "Coenraad Loubser" <c10u@ananzi.co.za> wrote in message
> news:d45h5o$ca1$1@ctb-nnrp2.saix.net...
>> Matt wrote:
>>> I have a question about sniffing on networks. I know that it is
>>> possible to sniff on a wired network, even without an IP address, and i
>>> know it is possible to sniff on an unencrypted or encrypted wireless
>>> network, but is it possible for someone to have cracked my WEP key, sit
>>> on my network and
>>> sniff or communicate on my network w/o an IP address? Using a wireless
>>> IDS (kismet), i can see that my access point has packets going through
>>> the air, even though my laptop is turned off. I checked in my linksys
>>> web-based management page and there are no other MAC addresses assigned.
>>> someone could be using a static IP, but can they be listening or
>>> communicating w/o an IP address?
>>>
>>> Thanks!
>>> -matt
>>
>> Wep is useless and can be cracked in 2 hours on a moderately used network
>> by a 10 year old with open source software.
>>
>> Also, have you heard of a radio tower than can detect how many radios are
>> tuned into it?
>>
>
> I wouldn't say useless, but not as useful as i had thought. Basically, i
> cracked my own WEP and because enough data went through the air to do
> this, i want to know if anyone else cracked it.

Perhaps you should be asking, if there's anyone who hasn't cracked it. ;-)

>
> Just curious, if its so useless, what would you use?

I keeps out the casual intruder.
>
> No i haven't heard of radio towers. I'm not sure how that's possible
> since it's A) analog data B) nothing is sent from the radio, but enlighten
> me....

Analog/digital has nothing to do with it. If it's sent by radio, anyone
within range can receive the signal and analyze it.

Coenraad Loubser wrote:

> The better access points implement TKIP and 802.11X, which has a key
> that changes rapidly and possiblity of an authentication server on the
> lan.
>

While I use WEP, it's outside my firewall, which requires ssh or vpn to get
through.

Michael Heiming wrote:

> Just use it and tunnel anything through a ssh (2), only allow ssh
> on the wireless lan (iptables), nothing else

Or vpn.