kismet questions

[Anonymous]

Now that I got Kismet to work both on my 5500 and 6000 thanks to all the help from the group, I got some fairly basic question about using the program:

How can I tell whether an AP detected is \"open\" or not?

What does the green and red color of the font specifies?

If an AP is no longer in range, will the entry disapper or do I need to press \"clear\"?

The last dumb question is that if there are multiple AP\'s, how do I specify which one I want the Z to connect to? I was at a Starbuck testing Kismet and I found both T-mobile AP and \"airpath\" AP. When I create a connection on Z w/ ESSID = \"ANY\", it automatically went to the T-mobile one.

Thanks in advance

FW

[Tehas]

The colors indicate how long ago a signal was received.  Green is most recent, red & blue something in between, and black is old.  There is a thread on this board that lists the actual values.  Out of range APs remain on the display and eventually turn black.

If you open one of the APs up, one of the entries/stats is the timestamp for the last signal received.

My understanding of Open is that if they are not using WEP - I could be wrong.  I thought that if a network is not using WEP, then you could connect to it - but I\'m new to WIFI so I might be wrong.  I\'ve not yet tried to connect to someone else\'s network.

[raybert]

If I\'m not mistaken, \"open\" refers to the authentication used when connecting.  The alternative to \"open authentication\" is \"shared key authentication\" (and there may be others).  The latter encrypts the connection conversation (using the WEP key), the former doesn\'t.

It is possible to configure a router to use WEP with open authentication.  I believe this means that the connection conversation is NOT encrypted, but all comms afterwards are.

~ray

PS: If you can\'t find the thread with the color timings, I\'ll look in the source code for you.  But Tehas is basically correct.

[raybert]

Follow-up: I wanted to confirm what I wrote earlier about the Open/WEP indicators so I checked the source.  Unfortunately, my search was inconclusive.  Kismet is returning a field called \"wep\" which appears to be a boolean value, but I haven\'t been able (so far) to find any documentation as to what it actually means.  So I cannot yet confirm, what I wrote.  I\'ll keep searching (I want to be sure the GUI is representing the result correctly, and clarify it if necessary).

While I was there, I dug up the color timings again.  Here they are:

Color reflects the time elapsed since the last packet was seen:

green: 0-8 seconds
red:   9-16 seconds
black: ]16 seconds
~ray

[Anonymous]

Thanks guys. The color code explains  a lot.

FW

[terrorphile]

While I was there, I dug up the color timings again.  Here they are:

Color reflects the time elapsed since the last packet was seen:

green: 0-8 seconds
red:   9-16 seconds
black: ]16 seconds
thankyou for this i have been wondering the same myself

but i also noticed

blue

and a red&black

the red an black looks almost just like that

i guess that blue means i\'m right inside an AP?

[raybert]

You\'re correct about the blue -- I had missed that one.  Blue is used for a brand new AP when it is first added to the display.  It will be updated to one of the above colors (from my earlier post) the next time a packet is detected for that network.  If a second packet is detected immediately after the first, the color will be changed to green so fast you probably won\'t notice the blue.

Actually, I suspect the blue is a (minor) bug and it was suppossed to be green.  Not much point using a different color when chances are that you\'ll rarely ever even see it!

I don\'t know about this red & black you mention.  I\'m guessing it might, perhaps, be a screen update anomoly?

~ray