hello, I was wondering if you could help me understand what is happening.
Ive been using kismit for about 2 weeks now, to monitor traffic on my wireless network. last night, there was a change in the usual pattern of traffic.
Its difficult to explain (as Im new to this), but, as far as I can tell, there was traffic being transmitted from my AP, and when looking at my AP 'Network List Details' section of Kismit, I noticed that the AP is producing alot of 'LLC' packets, and I dont know what these are. there was some data packets (although not many, they probably total 10 kb in 1 hour).
so I continued monitoring while I went to sleep, and when I returned to the computer in the morning, the 'LLC packets' were still being produced, but the total traffic seen on the network was 100MB.
I was wondering what these 'LLC' packets are?
the 'network list details' for my AP are as follows:
in the Kismit 'client list' for my network, I see the MAC code of my AP (00:1D:68:EB:5F:EE, printed on the label of the AP), but Im also seeing a similar MAC code (00:1D:68:EB:5F:EF). *EDIT, if I go into my AP config, it says 'Physical Address: 00:1D:68:EB:5F:EF'.*
BSSID : 00:1D:68:EB:5F:EF (which is confusing, because I thought my AP's MAC was 5F:EE, as printed on the underside of the AP
ENCRYPT: TKIP WPA PSK AES-CCM CCMP (not sure why TKIP is here, Im only using WPA2 ?
LLC: 322874 (usually 0)
WEAK: 46 (usually 0)
DUPE IV: 145562 (usually 0)
the 'client list' looks like this:
its confusing to me why there are 2 MAC codes which are so similar?
s FF:FF:FF:FF:FF:FF data=0 crypt=0 size=0
S 01:00:5E:7F:FF:FA data=0 crypt=0 size=0
S 01:00:5E:00:00:16 data=0 crypt=0 size=0
I 00:1D:68:EB:5F:EF data=18 crypt=0 size=2
F 00:1D:68:EB:5F:EE data=108850 crypt=10885 size=109M