Wednesday, October 28, 2009

WLAN HACKING

Hacking other people's WLAN is illegal and unethical. This article is not about penetrating foreign WLANs but about learning something about security. The techniques described here apply to WEP encryption, not WPA.

I have successfully installed the tools on Fedora Core 3 (FC3) and Fedora Core 4 (FC4).

It is amazing how many people believe that hiding their SSID or rejecting foreign MAC addresses is secure enough. The reality is somewhat different: even WEP encryption with a 128-bit key is not secure.
I recommend that anyone with a WLAN try the techniques from this article and find out how easy it is for someone with bad intentions to penetrate a wireless LAN.
This article focuses on installing and using the available tools to detect a wireless network, gather the required details and crack its WEP encryption:

* Installing and using kismet, aireplay, airodump and aircrack
* Collecting encrypted packets
* Cracking the WEP key from collected data
* Common techniques and attacks on WLANs


For those who don't want to configure their Linux system to do this, there are pre-configured Live CDs worth looking at:

* The Auditor distro from Remote Exploit

1. References

There are many sources on this subject. I especially recommend these:

* How to crack WEP part 1
* How to crack WEP part 2
* How to crack WEP part 3
* The remote exploit forum
* The remote exploit Auditor Live CD
* WHAX, another Live CD (currently merging with Auditor)
* The aircrack tools-suite documentation

2. Setup
Note these steps are not required if you use a Live CD.
2.1 Kismet

Download Kismet for fc4 from http://rpmforge.net/user/packages/kismet/ and install:

Code:

rpm -ivh kismet-3.0.1-3.200508r1.2.fc4.rf.i386.rpm


Edit /etc/kismet.conf (also see http://www.kismetwireless.net/documentation.shtml):

* Set the user id
* Set the source (check
