1 |
On Fri, Feb 3, 2012 at 3:10 PM, Grant <emailgrant@×××××.com> wrote: |
2 |
>>>>>>> Is there any way to verify that my wireless client connections are |
3 |
>>>>>>> encrypted via WPA2? |
4 |
>>>>>>> |
5 |
>>>>>>> - Grant |
6 |
>>>>>>> |
7 |
>>>>>> |
8 |
>>>>>> iwlist $interface scan |
9 |
>>>>>> |
10 |
>>>>>> Will give you enough information to tell if the wireless network |
11 |
>>>>>> supports WPA (instead of being WPA2-only). I don't know how you might |
12 |
>>>>>> inspect a connection from the client's perspective. That probably |
13 |
>>>>>> depends on the tool you're using. |
14 |
>>>>> |
15 |
>>>>> Is it strange that I get this from iwconfig on the connected client: |
16 |
>>>>> |
17 |
>>>>> Encryption key:off |
18 |
>>>> |
19 |
>>>> That's normal. iwconfig only knows about WEP. WPA and WPA2 are |
20 |
>>>> different animals. |
21 |
>>> |
22 |
>>> Got it, thanks for your help Michael. |
23 |
>> |
24 |
>> Actually, I think I was only half-right. It's normal for iwconfig to |
25 |
>> show Encryption key:off when connected to WPA and WPA2 networks, it's |
26 |
>> true that WPA and WPA2 are different animals, and I believe it's true |
27 |
>> that iwconfig only knows about WEP. |
28 |
>> |
29 |
>> But there's something strange about the "Encryption key:" line. A |
30 |
>> survey of my apartment from my laptop, which I connected to via ssh, |
31 |
>> revealed that "iwconfig" reports "Encryption key:off", while "iwlist" |
32 |
>> shows "Encryption key:on" for the BSSID I'm connected to (And I'm |
33 |
>> showing "IEEE 802.11i/WPA2 Version 1" for my encryption mode). |
34 |
>> |
35 |
>> I don't know the cause of the discrepancy, though I could guess at a |
36 |
>> half-dozen different plausible sources. |
37 |
> |
38 |
> I thought you were saying iwconfig doesn't know about WPA/WPA2 but |
39 |
> iwlist does. That would account for the discrepancy, right? |
40 |
|
41 |
That allows for a discrepancy, but it doesn't satisfactorily account |
42 |
for it. "Encryption: on", to me, is a superset of "Encryption key: |
43 |
on". |
44 |
|
45 |
The best explanation I can think of is that iwconfig's "Encryption |
46 |
key" is referring to a piece of hardware state involving encryption, |
47 |
but that that's turned off after a handoff to something else, and that |
48 |
iwlist's "Encryption key" means you need an encryption key to get in |
49 |
in the first place. |
50 |
|
51 |
-- |
52 |
:wq |