Enh_sec

Jouni Malinen jkmaline at cc.hut.fi
Mon May 31 21:34:09 EDT 2004


On Mon, May 31, 2004 at 09:14:28PM -0400, Patrick Poncet wrote:

> I was trying to reduce visibility in an effort to increase security, by
> enabling enh_sec = 3.

> It seems to confuse wpa_supplicant.   My wpa_supplicant config is:

> Network={

That 'N' is hopefully lower case..

> 	scan_ssid=1

Good, this is indeed needed when SSID is not included in the beacon.

> wpa_supplicant does indeed a scan and discovers my AP.  But here's the
> output

> Starting AP scan (specific SSID)
> Scan SSID - hexdump_ascii(len=7)
>      74 69 64 73 70 70 67                              tidsppg
> Wireless event: cmd=0x8b19 len=12
> Received 230 bytes of scan results (1BSSes)
> Scan results: 1
> 0: 11:22:33:44:55:66 ssid='' wpa_ie_len=28 rsn_ie_len=0
> No suitable AP found.

> It looks like it gives up because ssid = ''.  ssid='' is indeed
> expected... But shouldn't wpa_supplicant continue anyway?

The driver is supposed to learn the real SSID from Probe Response. For
example, I get following results when testing with SSID removed from
beacon frame:

Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=11):
     6a 6b 6d 20 70 72 69 76 61 74 65                  jkm private
Wireless event: cmd=0x8b19 len=12
Received 527 bytes of scan results (2 BSSes)
Scan results: 2
0: 00:09:5b:95:e0:4e ssid='' wpa_ie_len=26 rsn_ie_len=0
   skip - SSID mismatch
1: 00:09:5b:95:e0:4e ssid='jkm private' wpa_ie_len=26 rsn_ie_len=0
Trying to associate with 00:09:5b:95:e0:4e (SSID='jkm private' freq=2412
MHz)

In this case, the same AP was shown twice. The first entry is from the
beacon frame and the second one is from probe response. Please verify
whether the driver has the correct SSID in
/proc/net/hostap/wlan0/scan_results.

I used another AP (i.e., not Prism2/hostapd) in this test, so it is
possible that the Probe Request handling differs from your test. I know
that my AP includes the real SSID in Probe Response frame, so maybe the
issue is in Prism2 station firmware not doing this.. I'll need to take a
closer look at this with a wireless sniffer.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list