Unencrypted Beacons on Initialisation
Jonny Milliken
thinkingmansopium
Tue Mar 20 07:40:39 PDT 2012
Hey,
Having a problem with hostapd-mini (v 0.6.6) in OpenWRT Kamikaze 0.8.2. We
have set up a few APs with WPA encryption and have an IDS (Kismet)
monitoring for attacks. Kismet is reporting CRYPTODROP false positives
because when wifi restarts (via "wifi" terminal command) a few beacons are
transmitted advertising the AP as unencrypted before hostapd fully engages
and changes the beacons to advertise it as WPA encrypted. We have confirmed
this is the case with Wireshark. We have managed to root cause the false
positive to being caused by the line:
106: hostapd -P /var/run/wifi-$ifname.pid -B /var/run/hostapd-$ifname.conf
from the file /lib/wifi/hostapd.sh
Does anyone know of any way to ensure that hostapd does not leak these few
unencrypted beacons when it is initialised?
Thanks
Jonny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20120320/8b09a9df/attachment.htm
More information about the Hostap
mailing list