Results 1 to 4 of 4

Thread: airodump-ng mon0

  1. #1
    Just burned his ISO
    Join Date
    Jul 2010

    Default airodump-ng mon0


    I have a question re airodump.

    If I run "airodump mon0" and see all the access points and clients does anyone know I'm there?

    I have no desire to cause any trouble, my town is too small for that but can the act of running that command alert me to say a university admin?

    I know that if I do arpreplay that will cause a lot of traffic but when I run airodump am I just picking up whats already out there without drawing any attention to myself?


  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010

    Default Re: airodump-ng mon0

    Depends if anyone sees you sitting in the car with your antenna pointing at them or not. If you have spent any amount of time reading posts here you would realise that this question might get people suspicious. Let me say that you are really better off not doing any sniffing of anything that doesn't belong to you, and we won't tolerate discussions of that here.

    I will say that airodump-ng is designed as a passive sniffer, if that helps. If you want to confirm its not going to "leak" then you would need to test it, but if you're not doing anything wrong you probably don't need to worry about that.
    Last edited by lupin; 07-06-2010 at 04:58 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Junior Member
    Join Date
    Apr 2009
    not telling

    Default Re: airodump-ng mon0

    airodump-ng is passive analysis tool and it is just listening to the wireless transmissions, the only way to be discovered would require detecting cards in promiscuous mode (monitor mode), yet i dont know how this would be achieved.

    aireplay-ng is an active tool as it injects and modifies data in order to deauthenticate etc etc

    however the developer for pyrit made this post on his blog caliming he found a vunerablility in some versions of the aircrack-ng suite which allowed him to set up a honetpot network and crash a session of airodump-ng etc; i will let you read the rest, either way

    Aircrack-ng still vulnerable / honeypot

  4. #4
    Just burned his ISO
    Join Date
    Jul 2010

    Red face Re: airodump-ng mon0

    Thanks, that's what i thought but after I stopped using airodump I saw a two access points from my regular laptop saying assip_scanning 1 and 2.
    I didn't use airplay or anything like that so was surprised that what I was doing was drawing any attention to myself. Perhaps those two aps are always there and I just noticed them yesterday, I don't know?
    Anyway thanks,

Similar Threads

  1. Unable to get mon0 to show up
    By avarrin in forum Beginners Forum
    Replies: 4
    Last Post: 06-29-2010, 12:24 PM
  2. airodump-ng mon0 vs. airodump-ng wlan0
    By jodeme in forum Beginners Forum
    Replies: 9
    Last Post: 05-25-2010, 08:01 PM
  3. Monitor made enabled on mon0.. HELP?!!?
    By branndenb in forum OLD Newbie Area
    Replies: 1
    Last Post: 01-23-2010, 11:04 AM
  4. ALFA AWUS036H mon0?
    By MassAppeal in forum OLD Newbie Area
    Replies: 10
    Last Post: 01-17-2010, 09:50 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts