Quote:
Originally posted by abaddon
you're really wasting your time if thats all you'
re looking for, problem is that real access points really do send out these frames, they are there for a reason, airjack doesnt do anything out of spec in that attack, its the 802.11 standard thats the problem...if these so called ids abilities are only looking for the existance of the frame, then they are not going to do anything but give false positives till you are blue in the face...
--Abaddon
|
well, first of all i think that decoding pakets to see whats going is not waste of time
and hey, if things like this is all i were looking for, then i've probably never touched a linux system
(i think you know what i mean)
i know that normal 802.11b managment traffic includes deauth and deass paket, but under normal circumstances there wouldn't be a deauth or deass storm...and that's what i think he implemented..just detecting flood's of this type.
but we'll have to wait until he finished work on that to say more about this, since it's still devel-code
btw, mike have never stated it's an ids, that was just my interpretation..because i needed to find a name for what i think it is...
however, i'm curious on the next release of your tools, and also curious of the things mike will implement next...
cheers