About ten minutes.So I'm trying to crack the WEP on my WRT54G, which is located literally within half a meter of the machine that's doing the stuff. It's running an Intel 5100 AGN, which has been reported able to inject/monitor, and it works fine for me.
However, I read a while ago that WEP is really quick simple (relative to WPA/2) to crack. I recall it being something like 20 minutes, which seems pretty quick.
The simple web cracking guide on aircrack-ng.org lists that one needs 250K IVs for one attack method and 20K IVs for the PTW method to be able to obtain a key with good probability for 64-bit WEP.
At first, I associated myself and found that for some reason I won't get any ARPs to reinject if there isn't a client present. So I connected another computer to the AP. Then some ARPs were SLOWLY generated and over the period of 40 minutes, I got approximately 70 ARPs, and 1500 data packets (listed as #Data in airodump, so I assume that they're IVs). Packets sent is in the 100+K range.
This seems pretty damned slow and definitely not 20 minutes. Reinjection was at 500pps pretty constantly. After I made the other machine on the network start downloading something, #Data/s increased by LOADS. ARPs generated remained at the same rate, though.
So...how long should it really take to collect the necessary packets? How many does one need? Also, when I set my other box to download some massive file, is this generating IVs for the standard method or still for the PTW attack of cracking? Finally, for the PTW method, is the focus on collecting 20K ARPs or just the data packets that I get while doing reinjection...?
Thanks for helping a newb!