I ran into this myself a while back, but traces from a 3rd station showed
that packets were being encrypted on the WEP enabled station. One thing to
note about XP's handling of Wireless adapters: You probably shouldn't use
the raw configuration properties of the adapter. If you use the simple GUI
configuration tool that pop's up in the tasktray, the values used there for
WEP (or WPA) settings do take even though the value in the adapter
properties will show that WEP/WPA is not enabled. The raw properties control
some very low level functions of NICs, and in most generic networks I find
you don't have to tweak them.
One more screwy thing from Silly-Billy...
Jeffrey Threlfall
Sr. Network Administrator
Healthcare Automation
VOX - 401.691.3240
Email - jefft@xxxxxxxxxxxxxxxxxxxxxxxxx
-----Original Message-----
From: Mike Shepet [mailto:mike@xxxxxxxx]
Sent: Sunday, August 31, 2003 2:40 PM
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users] Sniff wireless on the same machine?
I am not 100% confident that my WLAN is speaking WEP. My setup is pretty
simple, a laptop running Windows XP with a D-Link 802.11b card and a
netgear wireless broadband router. Both the AP and wireless network
properties in XP are configured to use encryption. This afternoon I was
digging through the Device Manager properties of the wireless NIC and
found a property under the Advanced tab that read "WEP Option" set to
disabled. Curious, I installed Ethereal and started capturing packets
and found that all of my traffic was in clear text. I set that property
to enabled and rebooted, but it's still capturing in clear text.
Is it showing clear text because the packets are being decrypted before
Ethereal has a chance to read them? How could you find out for sure if
WEB is enabled if all you have is an AP and one client?
Mike
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users