Surely you wouldn't even need to perform a vulnerability assessment on WEP, it's as vulnerable as hell and shamanvirtuel is not alone in being able to crack 104bit, (128bit), WEP in around 80 seconds!!!
Update your aircrack module to the latest stable version, 0.9.1 and your madwifi drivers...as you're using an Atheros chipset. Both will improve your injection rate and 0.9.1 allows you to use the PTW attack by adding -z to the script. You could try the latest 1.0 beta, although if you're using it professionally then I'd recommend using 0.9.1 because you don't want to beta testing whilst on a job.
With all due respect, if I contracted someone to test my security I'd expect them to know at least as much about WIFI cracking and encryption as I do!
Anyway, if you are having trouble, it could well be bad radio conditions, as previously mentioned. Try driving around the parkinglot to find a location with a better radio enviornment (ie: stronger Rx and less SNR).
You mentioned this was a factory? Maybe they have some equipment causing interference in the 2.4 Ghz range? If you have a spectrum analyzer available, it could be worth to do a scan for narrowband interferers.
Thanks again for the help.
Today I used PTW and cracked the key with about 45000 IVs. I was unable to get any better injection speed (20 per second max), after trying many locations around the site.
At another site I was able to get a speed of 350 packets per second, but only when using one particular station. When trying other stations connected to the same AP, I could only get 1-5 packets per second.
Oddly enough, the PTW method wasn't able to crack this one at all - I gathered about 550,000 packets in 30 minutes. Old method didn't seem to work either. Out of this many packets could there really have been no weak IVs at all? To my knowledge, the station would have been a windows 98 or XP box.
edit:... it just dawned on me that most of the clients to which I was spamming ARP packets are handheld devices with built in wifi.. could my slow injection speed been due to them not being able to reply as fast as a desktop?
Newb question, sorry if it's off-topic.
Does aircrack 0.9.1 come with BT2? Or is it an older version? (I'm using a LiveCD)
Sorry if this doesn't belong here.
Old something in the 0.7.* range if I remember right. Your best bet is to use a usb and create modules.
Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.