What is Extra: rsn_ie ?

[Bryan Kadzban]

Timo Pannes wrote:
> So how can I see which method is used? Do tools like kismet or
> ethereal show these differences? Or do they just guess somehow?

If they had to guess, then your wireless card (and wpa_supplicant) would
have to guess too.  How much luck do you think you'd have then?  ;-)

Capture the frames off the wireless in monitor mode, using something
like airsnort (not sure whether kismet or Ethereal will work for the
capturing).  Then load the packet file into Ethereal; it knows all the
differences, and can decode any given IE as WPA or RSN (the difference
has to do with the IEEE OUI values used in the IE's identifying number,
if any, I believe).

If you don't see either a WPA or RSN IE, then look through the other
decoded IEs to see whether there's a "privacy" bit set in one of them.
If so, it's WEP, if not, it's cleartext.

(Note that you can only find out whether RADIUS is used by looking at
the WPA or RSN IE.  In a WEP network, there's no way to know.  The mode
that a lot of vendors seem to call "IEEE 802.1x", i.e. RADIUS
authentication with WEP as the encryption, is I think actually a WPA
mode, so there should be a WPA IE there.  At least, I know of no way to
tell the client that they need to do RADIUS auth using just the non-WPA
and non-RSN IEs.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060404/e2496d5a/attachment.pgp