Results 1 to 2 of 2

Thread: Lots of active clients on unencrypted AP yet unable to pick up any traffic?

  1. #1
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    2

    Post Lots of active clients on unencrypted AP yet unable to pick up any traffic?

    Hi all,

    I am running some tests to try and better understand how ARP poisoning and session hijacking works.

    I am connected to an open network with lots of active stations (verified with airodump-ng: I can see at least 10 different stations talking to the AP).
    Yet, when I launch Ettercap and scan hosts to get them in the list, I can only see the computer I am running the Ettercap scan from and the AP.

    Why is that? Could it be that Ettercap tries and ping each of the 255 possible /24 IPs and the AP has built in firewall filters that prevents pinging anything else than your own IP and the AP's?
    I can't wrap my head around that... I tried connecting two computers to the AP, they definitely are in the same subnet and have the same /24 IP, but each of them can't ping anything else than themselves or the AP.
    What's even stranger (to my limited knowledge) is that Wireshark only sees packets to and from the AP to and from the computer it's running on... Packets for other computers don't even show up in Wireshark.

    Could someone shed light on this mystery please? Any explanation will be much appreciated

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: Lots of active clients on unencrypted AP yet unable to pick up any traffic?

    What's even stranger (to my limited knowledge) is that Wireshark only sees packets to and from the AP to and from the computer it's running on... Packets for other computers don't even show up in Wireshark.
    This is networking 101 kind of stuff. Are the machines hanging off a hub or is it a switched network? Have you actually done any reading about ARP or did you just think you'd click the big red "poison it now" button without any clue as to what that might do?

    If you continue to "play" with things without a little background knowledge you're just going to end up wasting time. Yours, whoever owns the network, whoever maintains the network, whoever else has systems on the network etc which in turn means wasted money, etc.

    Yes I know "everyone has to start somewhere", I'm simply suggesting that you start in a place where you get the necessary background knowledge on the things you're playing with before causing someone (yourself or others) problems due to not understanding how and why what you're doing may impact things.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Similar Threads

  1. insecure unencrypted proxy
    By bl0tch in forum Beginners Forum
    Replies: 2
    Last Post: 10-13-2010, 06:43 PM
  2. Im new to bt4 and i have lots of questions please help
    By darkdevi in forum Beginners Forum
    Replies: 4
    Last Post: 07-27-2010, 10:21 AM
  3. Sniffing Unencrypted wireless
    By spyder in forum OLD Wireless
    Replies: 7
    Last Post: 09-29-2008, 09:14 AM
  4. programming, something ive always wanted to pick up
    By kooze in forum OLD Programming
    Replies: 2
    Last Post: 08-11-2008, 02:18 PM
  5. Extending my wifi pick up range?
    By qwik3r in forum OLD Newbie Area
    Replies: 26
    Last Post: 07-25-2007, 07:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •