kills associated client network performance
I'm running Backtrack 2 final on my HD. I have a PROXIM ORiNOCO 802.11b/g Gold (Model: 8470-WD). I can crack my own 64 bit WEP key after about 4 hours and collecting about 300,000 IVS. Problem is while collecting the IVS the client that I deauthed is pretty much useless as far as using the internet. As soon as I stop the collection process the client is fine and can resume internet activity. Does anyone have any ideas why this is haapening? Here are the commands I am executing.
1. airmon-ng start wifi0 "per backtrack wiki:To set monitor mode type "airmon-ng start wifi0" and then use ath1"
2. kismet "after starting kismet a "kis" virtual device shows up in iwconfig - not sure why"
3. airodump-ng -w bowhunter ath1
4. aireplay-ng -0 3 -e bowhunter -a 00:16:01:27:7C:62 -c 00:06:25:4A:B1:21 ath1
5. aireplay-ng -3 -e bowhunter -b 00:16:01:27:7C:62 -h 00:06:25:4A:B1:21 ath1
6. aircrack-ng -a 1 -s -f 4 -n 64 -m 00:16:01:27:7C:62 bowhunter-01.cap
Great CD by the way - Thanks, appreciate all the hard work that went into the CD!
My life is this forum
Perhaps you could answer your own question by telling us what "deauth" means.
+1 nomination for idiots corner
Maybe I am confused but I thought the "deauth" was very short and the client should not even notice it happened to them.
Can someone explain what is suppose to happen when the deauth/packet injection option is executed? From the client PC perspective I thought "most people" would not notice anything happened to them. Isn't that the point - to do this in stealth mode? My client PC is hammered so much during the packet injection process it can not serf the internet. In my case that is about 4 hours to collect enough IVS "300,000" to crack the 64 bit WEP key. The commands are at the beginning of this thread. I would like to know if I am thinking wrong or if they could be executed in a more none intrusive manner.
Thanks for the help!
the whole point of injecting is to knock the client off the net. 10 sec of injecting is all you'l need. Tutorial here http://forums.remote-exploit.org/sho...t=1556&page=11 you want the client to be connected, then the Data will fly.
The excellent forum article mentioned is where I formulated the executed commands at the beginning of this post. I understand the deauth should be very short, in my case "3" deauths issued. But for some reason when I do the packet injection and can watch the ARP count increase and the "data" count rising in airodump-ng the PC which I deauthed becomes pretty much un-useable during the entire capture process. That is what I am trying to solve.