Ubuntu Networking :: 10.4 - Cannot False Authenticate With AP
May 13, 2010
I'm on ubuntu 10.4 and Cant seem to falsely authenticate myself with my AP. I am trying to break a wep key on one of my older linksys routers; It continues to say this:
Code:
root@kevin-laptop:/home/kevin# aireplay-ng -1 1 -a xx:xx:xx:xx:xx:xx mon1
No source MAC (-h) specified. Using the device MAC (xx:xx:xx:xx:xx:xx)
11:39:16 Waiting for beacon frame (BSSID: xx:xx:xx:xx:xx:xx) on channel 6
11:39:16 Sending Authentication Request (Open System) [ACK]
11:39:18 Sending Authentication Request (Open System) [ACK]
11:39:20 Sending Authentication Request (Open System) [ACK]
Attack was unsuccessful. Possible reasons:
* Perhaps MAC address filtering is enabled.
* Check that the BSSID (-a option) is correct.
* Try to change the number of packets (-o option).
* The driver/card doesn't support injection.
* This attack sometimes fails against some APs.
* The card is not on the same channel as the AP.
* You're too far from the AP. Get closer, or lower the transmit rate.
root@kevin-laptop:/home/kevin#
I'm using an eeepc 701 it has an Atheros card and does injection. I have also tried it with backrack 4 and it works perfectly (it falsely authenticates with the ap and decrypts the wep key) I just cant seem to get it to work on ubuntu 10.4. Could it be a kernel issue? I found out that there is a bug in the new(er) kernel(s). If you use an older kernel (I used 2.6.31-14 which can be found here) and it magically works.
I have set up Samba on an Ubuntu 10.04 and am attempting to back up files from a Windows 7 machine. The entire Windows 7 drive is under 300GB and the is a single 1TB drive in the Ubuntu machine with over 500GB free as can be see below.
jon@Timeh:/etc/samba$ df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 937824152 326054016 564131352 37% /
I have a TP-Link Atheros-based USB card: TL-WN422G. It's listed widely as being compatible, but I'm baffled if I can make it work. I'm running an ndiswrapper (XP-64) driver, and that seems to be loaded and recognizing the hardware correctly. The system can scan and correctly identify our network, and other nearby ones, but when the WPA key is entered (correctly, I've triple checked), the "Secrets" windows just keeps popping up and no IP is acquired. I've installed and tried to configure it with wpa-supplicant, all to no avail.
I've attached below list of various outputs that I've looked at. Ubuntu 10.04.1 LTS (Kubuntu); 2.6.32-24-server x86_64 output of lsusb Bus 002 Device 002: ID 0040:073d Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 003: ID 0413:6029 Leadtek Research, Inc. Bus 001 Device 002: ID 0cf3:1006 Atheros Communications, Inc. Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root .....
however, until this morning I had only been using my wired connection with no problems but when I tried to connect to my home's WPA secured wireless network, it just would not connect. The network manager sees the network and when I click on it, a window pops up asking for authentication. I enter the passphrase, but still it will not connect. I'm using a Lenovo X61 LAPTOP (not tablet).
I have a TP-Link Atheros-based USB card: TL-WN422G. It's listed widely as being compatible, but I'm baffled if I can make it work.I'm running an ndiswrapper (XP-64) driver, and that seems to be loaded and recognizing the hardware correctly. The system can scan and correctly identify our network, and other nearby ones, but when the WPA key is entered (correctly, I've triple checked), the "Secrets" windows just keeps popping up and no IP is acquired. I've installed and tried toi configure it with wpa-supplicant, all to no avail.ched below a (long, sorry) list of various outputs that I've looked at
Ubuntu 10.04.1 LTS (Kubuntu); 2.6.32-24-server x86_64 output of lsusb Bus 002 Device 002: ID 0040:073d
True or False: If you have a user on your Linux/Samba machine with a password, example: User = Bob Password = Password0 And Bob is on an XP computer, where his username is also Bob and his password is also Password0, is it normal for Bob to go to:
\SambaServer, double click on Bob's share (valid users = Bob only) and Bob get RIGHT in without being prompted?
On my prior setup, the user HAD to log in. If they wanted auto login next time with their credentials, they had to check "remember password." But now it's as if Samba knows who they are. It's very strange. What's the normal behavior? Must EVERYBODY authenticate with passwords, or if the Windows credentials are the same as Samba does it just somehow auto-detect it and allow them through?
I followed these instructions to setup my wusb11 driver using ndiswrapper:
[URL]
But when I try to ifup the interface, I get:
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4 DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10 DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 14 DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 No DHCPOFFERS received.
iwconfig shows that no essid is assigned, even though I have specified one in /etc/interfaces.
Then if I go through the desktop gui Preferences -> Network to setup my wireless connection, /etc/interfaces does not seem to change but iwconfig then reports the essid is assigned.
Anyway, on my default taskbar there is a wireless icon. Clicking on that shows the wireless access points in the area. I see my own. When I try to connect to it, it prompts for my wep key. I enter the key, it thinks, and then acts as if I'd entered the wrong key.
Specifically of course, I'd like this to get fixed so that I can happily surf the net again, etc.
But I also I'm wondering why it seems that there is a disconnect between /etc/interfaces and Preferences->Network. If I type in a WEP key in the gui, I would think that it should appear in /etc/interfaces.
I'm definitely a Ubuntu wireless newbie, and not very experienced at Ubuntu anyway.
I want to make changes on my router bios for my server I have to go to my windows booted laptop rather than just 192.168.1.1 right here at my server. I only have to do a 360 in my chair and I am at my laptop but I don't want to. Everytime I type the gateway ip it reads off the name of my router and looks fine. But I enter my authentication info and it just returns the login window blank... something ubuntu-side?
WRT160v2 linksys wireless N router (Of course I have cat 5 running to my server) Ubuntu 10.04 LTS running desktop ontop (because I am still learning how to navigate the console)
Using a D-Link wireless router, trying to get it through the authentication process with the client through a D-Link DWA-125 USB wireless. When I set encryption to "none" on both ends, the router links up OK, but when I enter matching encryption settings on the router, and then in the driver data file (RT2870STA.dat) on the client side, I can't get it to authenticate. I've tried all possible combinations in the .dat file with no luck. I'm fairly well convinced that there is a bug in the .dat file settings, and that the wireless port setting need to be forced at startup through the /etc/networking/interfces file, or some such procedure, to override the settings in the .dat file.
I acquired an old Compaq Evo laptop and installed Kubuntu on it. Bought a second hand wifi card, a DEXLAN IEEE802.11b (Having Googled to check it would work with Linux).
It detects wireless networks fine, and is able to connect to open ones, but I can't log into the home network with the password which works fine for Windows laptops.
I've tried every configuration of the router I can find, and followed the advice at https://help.ubuntu.com/community/Wi...untu#EasySteps but with no luck. It just asks for the password over and over again without connecting.
We've got a Debian Lenny + FreeRadius and cannot seem to authenticate a wireless laptop.At this point, all I want is the users file entries to work, with ClearText passwords. Eventually we'll use LDAP but we want this up first with ClearText passwords and MD5.
1. FreeRadius installed, 2.1.10+dfsg-2~bpo50+1 from Debian Backports 2. AirPort v7.5.1, set up for WPA2 Enterprise, ip 10.10.10.75 3. Apple OSX laptop, 10.5.8
When running 'freeradius -Xxx' from the Debian cli I can see the authentication fail as though the OSX machine (or the AirPort router?) isn't passing along the password (from the FreeRadius cli run).Additionally, the OSX machine always prompts me for an SSL Cert to use, but with MD5 checkmarked as the only option in the 802.1x networking screen, this shouldn't be happening, making it more difficult to tell where this problem lies.The OSX machine keeps cycling through "Authenticating" and "Authenticating with MD5", and then settles on "AirPort has a self-assigned IP Address..." (meaning the laptop, not the AirPort wifi router)
I switched to the b43xx (lp-phy) driver, as opposed to the broadcom STA driver which I previously had. I have dell 8312b/g lp-phy(mini) wireless card.
I have the wireless detection, but when I attempt to connect to Fios WiFi it continuously asks for my WEP (I have the correct WEP and I have typed it in correctly) and fails to connect.
I've read about the driver and firmware on linuxwireless and kernel.wireless. org.
http://pastebin.com/w44Xbgw3 (lspci -nnk output) http://pastebin.com/C5BDhgZ9 (iwconfig output - this printed while trying to access the network)
I can't get my Broadcoam BCM4322 to connect to a protected access point. I've tried the drivers from rpmfusion, and tried to build the module with the source+binary package from Broadcom, all with no luck. The failure seems to happen during the WPA negotiation.
I haven't tried connecting to an unsecured WiFi access point.
When booting this same laptop to Kubuntu 9.04, it can connect to secured, so it is possible under linux.
Here's output from lspci, and the tail of the log while KNetworkManager is trying to connect the device.
I cannot authenticate on my wireless network. it keeps asking me the WPA key (which I correctly enter everytime it asks me to). I COULD do that before rebooting. Now I can't. Nice. What can I do? I've read somewhere that in the RC there where problems with the network applet I don't know what... can this be reconducted to that?
Well this one is driving me nuts. I've been searching through the forums for a while and it seems that a number of folks have similar issues but the solutions used don't look like they apply to me. so without further ado here are the outputs typically requested:lspci
Code: 00:00.0 Host bridge: Intel Corporation Mobile 915GM/PM/GMS/910GML Express Processor to DRAM Controller (rev 03)
I have running on RHL enterprise 4. I want to configure squid users to authenticate against windows 2003 active directory. How do I go about from scratch
Just wondering how can one go about hiding their IP or displaying a false IP in Linux. Is this possible? Its not that I have anything to hide or any such things, I just like my privacy and don't like the idea that some one can track my actions and my location.
I have a 4 disk Raid 10 with Windows 7 installed & working. (Win 7 sees this as 1 disk.) I installed 9.10 onto a 5th disk, but I think that ubuntu saw the Raid 10 as 4 separate disks and wrote the boot loader to hd0- I had to rebuild my array & I couldn't load 9.10
For the second attempt, I disconnected my Raid 10 and 9.10 is now alive & well on the 5th disk, (presumably with the boot loader on the same disk). Both Win 7 & Ubuntu 9.10 now work but I have to steer to the required disk via the bios for loading.
I'm reluctant to play with the boot loader (GRUB?) from 9.10, because it doesn't seem to like my Windows disk array. Would something like EasyBCD (used from Win 7) be an option?
Recently a friend received a couple of emails from someone she knows with web links that purported to be about health issues. She clicked through on two of them; one gave an error, and the other went to a ****** site, so she believes these are "virus" sites. And the person who "sent" the email has just confirmed that his account was "hacked" (I'm guessing actually a virus on his computer). So, two questions:
1) She's running ubuntu 10.04. Is there any reason she should have concerns about her system's security? rkhunter gives no warnings.
2) She is also concerned that it could have compromised her email account (on gmail). I don't see how this is possible, but can anyone confirm about that?
I have added no data to my hard drive in the last few days. I saw a notification saying I had only 1.8Gb left on my drive. Shortly after I dismissed it and ran: Code: sudo apt-get clean like the notification suggested. Then, another poped up. Now it said I have 0 bytes left.
So, I opened the disk usage analizer and the data seemed normal, and not my full drive size. It still was saying I have no space so I checked the properties widow for / . It said / contained 128TB of data and the file counter showed no signs of stopping after a few minutes. Obviously my drive is not 128TB in fact it's only 500GB. Also the disk manager program (system volume information?) Said it has 28 bad sectors.
I have just been checking one of my machines with rkhunter and got the following result:
Code: [17:50:08] Warning: Checking for possible rootkit strings [ Warning ] [17:50:09] Found string 'hdparm' in file '/etc/init.d/checkroot.sh'. Possible rootkit: Xzibit Rootkit [17:50:09] Found string 'hdparm' in file '/etc/init.d/bootlogd'. Possible rootkit: Xzibit Rootkit
Using a well known search engine shows that others have come across this before: [URL] I have installed the current version of rkhunter from Debian's Unstable repo,but i still have the same result as above. I now check the rkhunter wiki,which mentions the same problem: [URL]
Quote: Here is an example on my system to remove a false positive for a certain rootkit that hit hdparm.
Chkrootkit came back ok. Running ClamAV and will only add that here if it finds anything. I just neve remember seeing these before. This is in Ubuntu 10.10
way to remove open-whois.org as an rbl from /usr/share/spamassassin/50_scores.cf/usr/share/spamassassin/72_active.cfIt's creating a lot of false positives on a mail server i am using with ubuntu. i noticed only ubuntu lucid is using updated spamassassin 3.3.1 and all others are using 3.2.5i was on spamassassin's website and noticed this issue has been resolved on spamassassin 3.3.1 but not 3.2.5i tried looking in those files but they are too complicated for me to understand.i am assuming they manually have to be removed.can anyone help with the open-whois.org rbl removal from mail servers as it is currently squatted and creating false positives?
Quote: Preconfiguring packages ... (Reading database ... 78720 files and directories currently installed.) Preparing to replace apt 0.7.25.3ubuntu9 (using .../apt_0.7.25.3ubuntu9.1_i386.deb) ... Unpacking replacement apt ... dpkg: error processing /var/cache/apt/archives/apt_0.7.25.3ubuntu9.1_i386.deb (--unpack): unable to create `/usr/share/locale/dz/LC_MESSAGES/apt.mo.dpkg-new' (while processing `./usr/share/locale/dz/LC_MESSAGES/apt.mo'): No space left on device No apport report written because the error message indicates a disk full error [Code]....
I wonder if anyone can help, I've got an annoying problem with an Acer Revo running Ubuntu 9.10 with the latest NVidia drivers. The Revo is connected to my TV via an amp by HDMI. The Revo didn't seem to like this, I'm assuming due to some handshaking issue with the HDMI which meant that no signal was being passed. Therefore, in Xorg.conf I have used
Code: Option"UseEDID" "False" This makes the a picture appear but the highest resolution available is 640x480 (if I connect directly to my TV and comment out the "UseEDID" line the resolution is the proper 1920x1080).I have tried editing xorg.conf (the file is posted at the bottom) to force 1920x1080 resolution but nothing seems to work.
Code: # nvidia-settings: X configuration file generated by nvidia-settings # nvidia-settings: version 1.0 (buildd@palmer) Sun Feb 1 20:21:04 UTC 2009 Section "ServerLayout"
I have vsftpd installed on my Debian (squeeze). I wish to let a local user (ftp) access the FTP server, but not login as normal user through SSH. In vsftpd.conf, I have enabed local user and chroot. I have also changed the shell of the local user (ftp) to /bin/false. The problem is that, I cannot login the FTP server from another computer (I login as "ftp" on a Windows machine). But when I change the shell of the local user (ftp) to /bin/sh, I can login the FTP successfully.
Is this the problem of Windows, or I should use something else instead of /bin/false if I want to prevent "ftp" login service other than FTP?
I have a new (few months) HP Compaq laptop where I run Fedora 13. A couple weeks ago, it started complaining about too many bad sectors in the HD. What I have done is to remove palimpsest from load-on-start list, so I don't get the annoying message. I know the palimpsest Disk Utility has given problems like this (false positives) in Ubuntu, and F11. So my concerns are:
Is it normal in F13 to get those palimpsest warnings? Or should I consider the idea that my new HD is really failing? If this is a bug in palimpsest, is it going to be fixed soon?
I ve upgraded my system from F11 to F12 recently . Everything went good till now. Yesterday i ve tried to check if there was any update via software update and a very very bad thing happened without me knowing it updated to all dev-test packages of F13.
Is there any way of uninstalling-removing everything thats connected with F13 from my system cause now all is going very slow and laggy probably bugfull. Also my software sources tab has vanished from menu...i ve tried to edit the menu to see if i can add it back but no luck its not there also....i can enter it only via terminal.
