Posted by: dragorn
Subject: Locating ap with the same essid..
Date: 16:39:05 20/05/2007

> Hi everyone
> I am an Ubuntu Feisty user, and Kismet is working well on it. I use it on my laptop mainly to locate Wi-Fi and compare their signal.
> Now I am dealing with a big network that uses high-power APs. They ALL have the same ESSID and are located at elevated points. When I survey with Kismet I see only one ESSID name. How can I check how many of the APs are working, and their MAC addresses?
> All of them use a WPA TKIP password (which I can't know).

Multiple APs using 1 ESSID is, afaik, a violation of the 802.11 spec. There's no way to tell them apart usually, unless you have a REALLY good card and write some sort of signal analyzer.

Depending on the implementation it may be possible to write something to decode BSS timestamps, but usually those fluctuate so much that using them to segregate APs is going to be very hard.
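
The BSS-timestamp idea from the reply above, as an added example (not code from the poster or from Kismet): it decodes the 64-bit timestamp from raw beacon frames and groups beacons whose timestamp-minus-capture-time offset agrees. The sample frames, the MAC address, the ESSID `corp` and the 5 ms tolerance are constructed assumptions; real captures show the jitter the reply warns about.

```python
import struct

def parse_beacon(frame: bytes):
    """Return (bssid, tsf_us, ssid) from a raw 802.11 beacon (no radiotap header)."""
    if len(frame) < 36 or frame[0] != 0x80:      # 0x80 = management frame, subtype beacon
        raise ValueError("not a beacon frame")
    bssid = frame[16:22].hex(":")                # address 3 of the 24-byte MAC header
    tsf, _interval, _caps = struct.unpack_from("<QHH", frame, 24)  # fixed parameters
    ssid, pos = None, 36
    while pos + 2 <= len(frame):                 # walk the tagged parameters
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            break                                # truncated element, stop parsing
        if tag == 0:                             # element ID 0 = SSID
            ssid = body.decode("utf-8", "replace")
            break
        pos += 2 + length
    return bssid, tsf, ssid

def group_by_clock(observations, tolerance_us=5000):
    """Cluster (capture_time_us, frame) pairs by TSF offset = tsf - capture time."""
    clusters = []
    for rx_us, frame in observations:
        bssid, tsf, ssid = parse_beacon(frame)
        offset = tsf - rx_us                     # constant per transmitter, up to jitter/drift
        for c in clusters:
            if (c["bssid"], c["ssid"]) == (bssid, ssid) and abs(c["offset"] - offset) <= tolerance_us:
                c["count"] += 1
                break
        else:
            clusters.append({"bssid": bssid, "ssid": ssid, "offset": offset, "count": 1})
    return clusters

def make_beacon(bssid: bytes, tsf: int, ssid: bytes) -> bytes:
    """Build a minimal beacon for the constructed sample below."""
    hdr = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    return hdr + struct.pack("<QHH", tsf, 100, 0x0411) + bytes([0, len(ssid)]) + ssid

MAC = bytes.fromhex("020000000001")              # constructed, locally administered address
SAMPLE = [                                       # constructed: two clocks behind one BSSID/ESSID
    (1_000_000, make_beacon(MAC, 500_000_000, b"corp")),
    (1_050_000, make_beacon(MAC, 90_000_200, b"corp")),
    (1_102_400, make_beacon(MAC, 500_102_300, b"corp")),
    (1_152_400, make_beacon(MAC, 90_102_500, b"corp")),
]

if __name__ == "__main__":
    for c in group_by_clock(SAMPLE):
        print(c)
```

Two clusters for one BSSID/ESSID pair means two distinct clocks were heard; capture times must come from a single monotonic clock on the sniffer for the offsets to be comparable.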


