悪いAPチャネルホッピングの問題

tag-icon tag-icon networking wifi kali-linux access-point
悪いAPチャネルホッピングの問題

AP は設定できますが、AP のモニタ インターフェイスとチャネルを明示的に設定したにもかかわらず、AP 周波数は周期的に変化します。

私の設定:

  • オペレーティングシステム:Kali Linux 1.0(USBドライブから起動)
  • 外部ネットワークアダプタ:Alfa AWUS036NH(チップセットRalink RT2870/3070、ドライバ:rt2800usb)
  • オンボードネットワークアダプタ:Atheros(チップセットAR9485、ドライバ:ath9k)

私が達成したいもの:

  • Alfaアダプタのチャネル6で実行されるAPの生成

私がしたこと:

root@kali:~# ifconfig
eth0      Link encap:Ethernet  HWaddr dc:0e:a1:28:8f:fc  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:16 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:480 (480.0 B)  TX bytes:480 (480.0 B)

wlan0     Link encap:Ethernet  HWaddr 9c:b7:0d:04:d2:f5  
          inet addr:192.168.2.140  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::9eb7:dff:fe04:d2f5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:105 errors:0 dropped:0 overruns:0 frame:0
          TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:11692 (11.4 KiB)  TX bytes:2834 (2.7 KiB)

wlan3     Link encap:Ethernet  HWaddr 00:c0:ca:59:23:d0  
          inet addr:192.168.2.223  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::2c0:caff:fe59:23d0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1572 (1.5 KiB)  TX bytes:1300 (1.2 KiB)

root@kali:~# iwconfig
eth0      no wireless extensions.

lo        no wireless extensions.

wlan3     IEEE 802.11bgn  ESSID:"SomeNetwork"  
          Mode:Managed  Frequency:2.437 GHz  Access Point: 0A:60:6E:EA:96:31   
          Bit Rate=13 Mb/s   Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on
          Link Quality=70/70  Signal level=-27 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:2   Missed beacon:0

wlan0     IEEE 802.11bgn  ESSID:"SomeNetwork"  
          Mode:Managed  Frequency:2.437 GHz  Access Point: 0A:60:6E:EA:96:31   
          Bit Rate=1 Mb/s   Tx-Power=16 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=70/70  Signal level=-39 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:2  Invalid misc:25   Missed beacon:0

root@kali:~# ifconfig wlan3 down
root@kali:~# ifconfig
eth0      Link encap:Ethernet  HWaddr dc:0e:a1:28:8f:fc  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:16 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:480 (480.0 B)  TX bytes:480 (480.0 B)

wlan0     Link encap:Ethernet  HWaddr 9c:b7:0d:04:d2:f5  
          inet addr:192.168.2.140  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::9eb7:dff:fe04:d2f5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:125 errors:0 dropped:0 overruns:0 frame:0
          TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:15214 (14.8 KiB)  TX bytes:2834 (2.7 KiB)

root@kali:~# iwconfig
eth0      no wireless extensions.

lo        no wireless extensions.

wlan3     IEEE 802.11bgn  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on

wlan0     IEEE 802.11bgn  ESSID:"SomeNetwork"  
          Mode:Managed  Frequency:2.437 GHz  Access Point: 0A:60:6E:EA:96:31   
          Bit Rate=1 Mb/s   Tx-Power=16 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=70/70  Signal level=-38 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:2  Invalid misc:25   Missed beacon:0

root@kali:~# airmon-ng check kill


Found 4 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID Name
3512    NetworkManager
3620    wpa_supplicant
3849    dhclient
4263    dhclient
Process with PID 4263 (dhclient) is running on interface wlan3
Process with PID 3849 (dhclient) is running on interface wlan0
Killing all those processes...
root@kali:~# airmon-ng check kill
root@kali:~# ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:720 (720.0 B)  TX bytes:720 (720.0 B)

root@kali:~# iwconfig
eth0      no wireless extensions.

lo        no wireless extensions.

wlan3     IEEE 802.11bgn  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on

wlan0     IEEE 802.11bgn  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=16 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off

root@kali:~# iwconfig wlan3 channel 6
root@kali:~# airmon-ng start wlan3 6


Interface   Chipset     Driver

wlan3       Ralink RT2870/3070  rt2800usb - [phy1]
                (monitor mode enabled on mon0)
wlan0       Atheros AR9485  ath9k - [phy0]

root@kali:~# airbase-ng -c 6 -e FreeWiFi mon0
15:04:22  Created tap interface at0
15:04:22  Trying to set MTU on at0 to 1500
15:04:22  Trying to set MTU on mon0 to 1800
15:04:22  Access Point with BSSID 00:C0:CA:59:23:D0 started.

別のターミナルウィンドウでmon0でairodum-ngを実行すると、チャネルホッピングが発生することがわかります(CH値xが変更され続けます)。

BSSID    PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH  ESSID
00:C0:CA:59:23:D0    0     2969        0    0   x  54   OPN              FreeWiFi

at0 インタフェースが設定されておらず、dhcp サービスが実行されていませんが、この段階ではそれが重要ではないと思います。

他のAndroidデバイスでWiFiアナライザアプリを起動しましたが、このアプリで私の不良AP「FreeWiFi」が実際にチャンネルホッピングをしていることを確認しました。

質問:

1)wlan3、mon0、APチャンネルを6に設定しましたが、なぜチャンネルジャンプが発生するのですか?

2)APが固定チャネルで動作するようにするにはどうすればよいですか?

この動作を分析するために追加情報が必要な場合はお知らせください。

ベストアンサー1

おすすめ記事