Does AirSnort need it's Logfile?

[wciibb]

Yesterday I cracked an WEP-64bit Key with AirSnort. I activated the "Log to file"-Option and while sniffing it logged about 1GB into this file.

Now I like to try an WEP-128bit Key and I suppose the Logfile to get much larger than 2GB. Unfortunaly I run ext2fs with it's maximum file size of 2GB. So I suppose that I could run in trouble if I even anable the logging into the logfile.

Does AirSnort really need to log it's Data to this logfile, or is it jst an optional feature which it not really needs to do it's job?

Dows anyone know about it, 'cause I didn't found anything regarding the need of this file in AirSnort-FAQ or other Forums.

[wciibb]

So, I started Air-Snort without the logging option and it seems that it's doing it's job.

I suppose the option would be relevant when one want's to stop sniffing and going on at some time later.

Up to now it's sniffing and doesn't really bother there's no file to log in.

[wciibb]

ok I'm finished with AirSnort cracking several 64 and 128bit WEP keys and it definitly doesn't need it's logfile. Happy cracking!

[shalomajay]

Hiya,

I've been tryin to crack a 128bit WEP key on my own netowrk & its taking ages now.

Basically.... my passphrase was 'Aa' & generated teh 128bit key on my network. From my attacking laptop, i'm running Airsnort for 3days now...no signs at all.

Please could you advise on what examples to use...
should i try with teh 64bit first?

cheers,
joe

[wciibb]

hi,

how many packets with weak IV's, so called "interesting" have you got so far?

trying the last 64bit key airsnort needed about 1800 interesting packets in case of the 128bit key it collected about 4600 interesting packets to crack the key.

is airsnort running in "scanning" mode or have you specified the channel through the text field in the upper left corner?

[ShaolinTiger]

You only really need the log file if you are going to do the cracking in another program like WEPcrack.

shalomajay you may try changing the randomiser offset, as sometimes you can run it forever but it will be looking in the wrong places.
_________________
Share your knowledge, it's a
way to achieve Immortality.

Quit Smoking - Darknet Hacking

Kung-Fu Geekery

[wciibb]

last night i let it run on 128bit WEP with logfile enabled an sometimes in the middle of the night the logfilesize exceeded the max file size.

the result was an abnormal termination of airsnort and the loose of all the captured packets!!!

[shalomajay]

thanks for ur replies....answers to all replies

i thin i have only about 3-4 weak IVs or interesting packets but otherwise i have around 20000 packets pactured over the last few days.

I have changed the channel setting to the one used in the Access point.

I think i've set it in 'scanning mode' but howdo i confirm?

also i'm not sure abt the randomiser offset..what should i change it to?

cheers,
joe

[wciibb]

set: iwconfig wlan0|ethX channel X where X is the channel you're using.

when you've received just 20000 packets with 4 interesting packets in over a few days I suppose you're definitely run it in scanning mode