So I finally had some great success running airbase-ng as a rogue AP. I ended up buying the Alfa AWUS036H, an excellent 500mW Realtek 8187 based card. I am running a virtual Gentoo system with the git version of the rtl8187 driver. The SKB BUF error messages from the aircrack-ng version of the driver were too annoying.

All in all I am very pleased with the setup, as it behaves consistently now (knowing the needed tweaks to get it running). I believe it performs as well as running an AP with the madwifi-ng karma kernel patches from digininja. Well, except for one thing. When changing the MAC address of the wifi card it doesn't really do such a good job anymore. For some reason most clients fail to associate; some still do, but there's a considerable drop in the number of connecting clients.

I have tried to change the MAC using both ifconfig and simply specifying the -a option to airbase-ng. Sniffing the traffic using another wifi card shows a lot of probe requests and responses being re-sent, but no requests to associate. From my initial checks I do not see any difference in the requests or responses apart from the "Frame check sequence" and the MAC, of course. But then again, I haven't put that much time into it.

ANY insight into why this happens, and whether I am missing something REALLY obvious, would be great. I will file a bug report in the aircrack-ng TRAC system once I collect and clean the relevant packet traces.

Posted by Patrik in Security

2 Responses to “airbase-ng, almost there …”

Hey,

My guess about the clients failing to associate would be that once you use a BSSID (MAC) that is not set as the device MAC (you don’t change it with ifconfig, just use the -a switch), the control frames aren’t sent anymore. So the client always gets a timeout for transmitted frames, which results in never leaving the authentication phase. However, once you also change the hardware MAC and use that as BSSID, everything should be back to normal.

Hirte

By Hirte on Oct 17, 2008

Thanks Hirte! Even though I already had it this way in my startup scripts it wouldn’t work. I changed the driver back to the one you’re referring to from your website: http://www.aircrack-ng.org/doku.php?id=r8187 and now it’s working. I was using the rtl8187 driver from the latest wireless git tree.

By Patrik on Oct 21, 2008
