OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Hadmut Danisch (hadmutdanisch.de)
Date: Fri Apr 26 2002 - 17:28:33 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi,

    (I just subscribed to this list.)

    I have some trouble with my Cisco Aironet 340 access point
    and PCMCIA cards (342 with large key encryption). I can't
    get the encrypted mode running. I was doing some experiments
    (Linux 2.4.18, airo_cs driver, wireless tools 24) and found
    some problems and ambiguities:

    - nomenclature is confusing:

      On the cisco configuration web page from my Aironet 340
      access point, there are three choices about the
      required use of WEP by clients: "No Encryption", "Optional",
      "Full Encryption".
      
      There are also three modes of authentication: "Open", "Shared", and
      "Network-EAP".

      In contrast to that, iwconfig uses "off", "on", "open", "restricted"
      about the required use of WEP by peers, and doesn't have a switch
      for choosing authentication.

      Again, in contrast to iwconfig, the WEP: entry in
      /proc/driver/aironet/eth0/Config supports the values
      "shared" (i.e. everything starting with 's'), "encrypt"
       (i.e. everything starting with "e") and "open" (i.e. everything
      else), but I'm not sure about the meaning.

      If I do
      echo "WEP: shared" >/proc/driver/aironet/eth0/Config
      then iwconfig shows mode "restricted"

      If I do
      echo "WEP: encrypt" >/proc/driver/aironet/eth0/Config
      then iwconfig show mode "open"

      If I do
      echo "WEP: open" >/proc/driver/aironet/eth0/Config
      then iwconfig shows key off.

      There's definitely some confusion, this is really
      error-prone.

      You should modify iwconfig and the devfs interface to
      clearly distinguish between the accepted authentication mode,
      the authentication mode used, and the accepted encryption mode.

    - My Notebook and my access point can communicate only if
      I do
      echo "WEP: open" >/proc/driver/aironet/eth0/Config

      on the Notebook and set the access point to "Optional".

      But then, surprisingly, the notebook receives packets from
      the access point, no matter what key I set on the access
      point. The Notebook shouldn't be able to receive anything
      without knowledge of the key. According to the help page
      of Cisco, "Optional" means only the kind of encryption
      required by clients, but not the encryption used by the
      access point. So the access point should send encrypted (regarding
      to the Cisco web page), which it definitely doesn't do, otherwise
      the Notebook couldn't receive.

    Any idea about this?

    Is there any tool to dump the raw packets to see, whether
    they are encrypted or not?

    thanks and regards
    Hadmut

    _______________________________________________
    Aironet mailing list - Aironetcsl.cse.ucsc.edu
    http://csl.cse.ucsc.edu/mailman/listinfo/aironet