Unencrypted Beacons on Initialisation

Jonny Milliken thinkingmansopium
Tue Mar 20 07:40:39 PDT 2012


Hey,

Having a problem with hostapd-mini (v 0.6.6) in OpenWRT Kamikaze 0.8.2. We
have set up a few APs with WPA encryption and have an IDS (Kismet)
monitoring for attacks. Kismet is reporting CRYPTODROP false positives
because when wifi restarts (via "wifi" terminal command) a few beacons are
transmitted advertising the AP as unencrypted before hostapd fully engages
and changes the beacons to advertise it as WPA encrypted. We have confirmed
this is the case with Wireshark. We have managed to root cause the false
positive to being caused by the line:

106:  hostapd -P /var/run/wifi-$ifname.pid -B /var/run/hostapd-$ifname.conf

from the file /lib/wifi/hostapd.sh

Does anyone know of any way to ensure that hostapd does not leak these few
unencrypted beacons when it is initialised?

Thanks

Jonny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20120320/8b09a9df/attachment.htm 



More information about the Hostap mailing list