makes sense, thank you for the answer
Printable View
makes sense, thank you for the answer
great looking tool, although im still stuck, i can get as far as connecting to the rouge access point, but however i do not recieve internet access, i changed the dhcpd.conf to the one given, but sill no joy, i have both a internet connection (via a router) and a injection compatible wireless card, can anyone point me in the right direction
thanks
Is the client getting an IP address? Can he ping 10.0.0.1? Can he ping the routers IP ?
Can he resolve dns? The easiest way to troubleshoot would probably be to open up Wireshark and see whats happening.
Are you seeing "Malformed Packets" on at0?
wow thanks for the speedy reply, merry xmas,
no i just checked, ithe cleint connects to the network, but when i ifconfig on the portable laptop i dont get an ipaddress, nor can i ping. i also checked via wireshark, the are packets flowing from my injection card (eth2) but nothing from 10.0.0.1 ath0
actually now im seeing mal formed packets from the at0
Likewise :)
Well are you running backtrack in VMWare? How close is the client to the AP?
Are you running the script? If yes, try modifying the mtu to 1500 instead of 1400.
no i have a hdd installation and the laptop is a macbook sitting next to me, so i re connected, changed the mtu to 1500, and it now says my ip is 169.254.141.150, i can ping the router 192.168.1.1 16pckts transmitted non recieved, and cannot ping google.com
Can you now see real packets instead of Malformed in Wireshark after changing the MTU ?
If yes, it is most likely your dhcp daemon something is wrong with.
Also try moving the macbook a little further away, they may be too close which could corrupt the packets.
all i did was copy thr pastebin and replace my dhcpd.conf with that and then run the script. im a bit confused, all that xmas fun :) is that all i had to do.
OK i did it, i had to erase the old resolv.conf files and old dhcpd files , then i tried it again, got an ip of 10.0.254 working perfectlly!!!!!!!! thanks for all your help
Well in a perfect world, that would be all you would have to do :b.
But luckily it's not, maybe you'll learn something on the way (: .
I would suggest reading through this thread once more and try reading a bit on what Wireshark can be used for so you can
improve your troubleshooting skills. You have to find out WHAT the problem is before you can solve it.
edit: Great to hear :)
I have been looking into the MTU issue a bit and I think I finally found out why certain settings behave strangely.
MTU stands for "Maximum Transmission Unit" This is the maximum size of a data unit that can be passed over a network without being fragmented. Most LAN networks max out at 1500 MTU. When connecting to a peer, both systems reveal their specific MTU to each other during the connection handshake. If the MTUs are the same then thats great, however MTUs can change based on certain factors such as user defined settings or other things. This is done through packets at layer 3.
When a piece of data is sent that is larger than the MTU of ANY of the systems in the chain then it must be fragmented into pieces that do not exceed the size of the smallest MTU. If one system tries to send a packet that is larger than the MTU of the receiving system it sends back a (Destination Unreachable) response which triggers the sender to ping with an ICMP which should cause the receiver to send a response packet with the correct MTU value to create a connection.
This is the crux of the problem: Many websites have begun dropping ICMP packets to prevent ping floods and DoS attacks. This means that if the MTU of yahoo.com is 1400 and it drops ICMP, and you are sending packets at 1500 you are going to get black holed. If google.com has an MTU of 1400 and allows ICMP then you can still create a connection because the ICMP lets your system know to fragment the packets to a size that google.com is willing to take.
This is also why the Tun device and the NIC need the same MTU value because fragmentation is done at layer 3 and in airbase they communicate at layer 2.
This is just my feeble attempt at understanding, if anyone else has real experience with MTUs feel free to post corrections. :-)