Since I kept playing with BT3 further I have a few certain questions to which I could not find answers, so there they are:
1. My neighbour agreed to let me try to crack his AP's WEP, but since we wanted it to be more realistic (if you wanna predict actions of a hacker you have to put yourself in his position), so he did not say when he's online, etc. So when I am running "aireplay-ng --arpreplay" (also use --deauth one time) the lines are running and the numbers of "got ARP requests" are increasing, packet injection is working (i suppose). But suddenly lines stop running, though ARP request's and etc. are increasing in the last line. What does that mean, does that mean that I am still geting IV's or is something wrong? Or does that mean, that there is no trafic on my neighbours AP? I'm including a picture for a clearer view:
2. Does the range and other abilities of the wlan adapter have much influence on how much packets I can intercept/inject? When trying on my AP I was able to crack the WEP in 14 minutes (with considerable traffic of course, my HTC Diamond was watching youtube at the time), however with my neighbour's AP different story - I can keep running airdump, aireplay and aircrack the whole day and it hardly collects 25000 IV's... resulting not cracking WEP. Does the range is vital to such an attack?
3. There is a public (without password) AP in my vicinity (could be a cafee wifi or smth., so I don't think checking it out is illegal) always with 7 or so clients like kismet shows. But I am unable to connect to it even with cloning some of the clients MAC adress, so I made assumption that it's not MAC-list enabled. What could be the reason then?
question 4. is it possible to use several *.cap files at once to crack WEP? For example if I'm running aireplay-ng each day at the end of the day stopping it collecting ~25000 ivs, so after 4 days I would have 4 cap files each approx 25000 ivs.