When watching for packets to ARP replay, is it necessary that..
..The following flags are:
FromDS = 0
ToDS = 1
I'm just wondering if these packets occur "Naturally" - I'm having a go at busting the WEP on an AP that has one connected client, and seemingly low activity.. I left aireplay going overnight, filtering for ARP packets that matched the above criteria (along with the other criteria of bssid = ap mac, source mac = client mac, dest mac = ffff...) and not one packet in 2.5 million fitted the criteria.. I'm just wondering if I got the criteria wrong, because a packet that is:
FromDS = 1
ToDS = 0
BSSID = AP MAC
SourceMAC = client MAC
DestMAC = ffff....
Happens along every ten seconds or so..
I so far haven't succeeded in carrying out a deauth, and I think it may be because I'm using an Intel Centrino 2915/2200 card.. Aireplay says these cards cannot be used for deauth attacks..
So.. if I leave the laptop watching and waiting, will the packet that I want happen along at some point in time?