Thanks Kam-Yung,

My network does use WEP, but I have Kismet configured to decrypt
traffic on the fly. As you can see from the packet dump, the data is
indeed unencrypted by the time it gets to Wireshark. Just in case, I
tried adding the WEP key to Wireshark, but that didn't help. Neither
did setting the "Ignore WEP Flag" option (although the Ignore WEP
Flag option did result in a Logical-Link Control entry in the packet
details pane, the rest of the data section wasn't decoded).

Steve

On Aug 10, 2006, at 8:43 PM, wireshark-users-request@xxxxxxxxxxxxx wrote:
Steve,
According to the capture, the data is protected:
=====
[...]
Flags: 0x41
DS status: Frame from STA to DS via an AP (To DS: 1 From DS: 0) (0x01)
.... .0.. = More Fragments: This is the last fragment
.... 0... = Retry: Frame is not being retransmitted
...0 .... = PWR MGT: STA will stay up
..0. .... = More Data: No data buffered
.1.. .... = Protected flag: Data is protected
0... .... = Order flag: Not strictly ordered
[...]
=====
You may need to set up the WEP key in Wireshark first to decrypt the
data packet.
Regards,
Kam-Yung