Unencrypted Beacons on Initialisation
Jouni Malinen
j
Tue Mar 20 13:41:24 PDT 2012
On Tue, Mar 20, 2012 at 02:40:39PM +0000, Jonny Milliken wrote:
> Having a problem with hostapd-mini (v 0.6.6) in OpenWRT Kamikaze 0.8.2. We
> have set up a few APs with WPA encryption and have an IDS (Kismet)
> monitoring for attacks. Kismet is reporting CRYPTODROP false positives
> because when wifi restarts (via "wifi" terminal command) a few beacons are
> transmitted advertising the AP as unencrypted before hostapd fully engages
> and changes the beacons to advertise it as WPA encrypted. We have confirmed
> this is the case with Wireshark. We have managed to root cause the false
> positive to being caused by the line:
> Does anyone know of any way to ensure that hostapd does not leak these few
> unencrypted beacons when it is initialised?
Upgrading to a newer hostapd version could help:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=bc45d4279f01e3c224f78d93b6fd781dab928dde
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list