Thread: airjack
View Single Post
Old 08-22-2002   #29 (permalink)
abaddon
Registered Member
 
Join Date: Aug 2002
Location: bar
Posts: 25
Re: Re: Re: news on kismet and airjack
true a storm of them wouldnt be normal network traffic, but i can do a great deal of damage with just a handfull (7 or less, sometimes as few as one), that would look exactly like an AP (and yes many AP's regularly deauth or disassoc stations for various reasons)...im not saying he's wasting his time, im just saying that you should be careful before you go so far as to consider that an IDS, you need alot more than that if you want a real IDS...

as for the next things i'll be coming out with im working on one driver to work on all three 802.11b card types and will support normal modes of operations (infrastructure, adhoc, and host-AP)...these will be linux drivers, they will run in 802.11b native mode (not imulating ethernet)...the best part is they will offer airjack type abilities and should be much more stable than the first proof of concept code i have up there right now...one last thing to look for is for me to have my cvs servers back online so i can have some real development going on (ive been moving into a new house and all my servers have been offline)...

as for kismet, im interested in what he's working on next as well, its a cool program maybe in the future we could see a joint project of some kind (no sense in everyone working on the same goals in different directions)...

--Abaddon

p.s. if you dont know what we're talking about, check this page out...
http://802.11ninja.net

Quote:
Originally posted by c0rnholio

well, first of all i think that decoding pakets to see whats going is not waste of time and hey, if things like this is all i were looking for, then i've probably never touched a linux system (i think you know what i mean)
i know that normal 802.11b managment traffic includes deauth and deass paket, but under normal circumstances there wouldn't be a deauth or deass storm...and that's what i think he implemented..just detecting flood's of this type.
but we'll have to wait until he finished work on that to say more about this, since it's still devel-code
btw, mike have never stated it's an ids, that was just my interpretation..because i needed to find a name for what i think it is...

however, i'm curious on the next release of your tools, and also curious of the things mike will implement next...

cheers
abaddon is offline   Reply With Quote