I'm using madwifi 0.9.2 in a Wi-Fi packet sniffing configuration: I have a
D-Link DWL-G650 (Atheros) card plugged into a laptop running Fedora Core5.
I followed the instructions on the UserDocs/MonitorModeInterface section of
the madwifi website. I am now able to successfully sniff and decode
802.11 management frames. For a given channel, I can see all the
req/rsp, acknowledgements, etc.
I am not able to see any non-management (i.e. data) traffic. For example,
when I send pings between a couple of wireless stations, I only see the ACK
frames that result from the ping session. Both wireless stations report
that the ping is successful.
-I am not using any capture filters.
-I am capturing packets on the "ath0" interface.
-I run [echo '801' > /proc/sys/net/ath0/dev_type]; Ethereal seems happy with
this setting and is able to decode all the 802.11 information elements.
-I have ethereal set to capture in "promiscuous mode."
-I also tried running the command 'ifconfig ath0 mode promisc' but this
doesn't seem to be supported.
Does anyone know if I missed a step in configuration? There may be another
"wlanconfig" command I need to send; I searched around for a while and
didn't see mention of such a command.
From: Alfred Arnold <alfred@cc...> - 2006-10-26 06:28:56
>I am not able to see any non-management (i.e. data) traffic. For
>example, when I send pings between a couple of wireless stations, I only
>see the ACK frames that result from the ping session. Both wireless
>stations report that the ping is successful.
Is the communication between these two stations encrypted? If yes, the
Atheros hardware might simply discard received data packets as
undecryptable as long as it doesn't have the correct keys. If the two
stations are only using static WEP, it's simple to configure this key also
into the sniffer. If they're using WPA however, this is difficult to
solve since the AES/TKIP key varies from session to session. If you're
only interested in the packet headers, MADwifi might have an option to
pass up undecrypted packets anyway, but I'm not sure about that...
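
An added example, not part of the original thread or of MADwifi: a small Python tally of 802.11 frame types and the Protected Frame bit, which shows whether a capture holds no data frames at all or only encrypted ones. It assumes each captured frame starts directly with the 802.11 header (no radiotap or Prism header in front); the sample frames and the names `classify` and `summarize` are constructed for illustration.

```python
from collections import Counter

TYPES = {0: "management", 1: "control", 2: "data"}
PROTECTED = 0x40  # Protected Frame flag, second byte of Frame Control


def classify(frame: bytes):
    """Return (type_name, subtype, protected) from a raw 802.11 header."""
    if len(frame) < 2:
        raise ValueError("frame shorter than the Frame Control field")
    fc0, fc1 = frame[0], frame[1]
    if fc0 & 0x03:  # protocol version must be 0
        raise ValueError("unexpected protocol version")
    ftype = (fc0 >> 2) & 0x03
    subtype = (fc0 >> 4) & 0x0F
    return TYPES.get(ftype, "reserved"), subtype, bool(fc1 & PROTECTED)


def summarize(frames):
    """Count frames per type; split data frames into protected and clear."""
    counts = Counter()
    for frame in frames:
        try:
            name, _subtype, protected = classify(frame)
        except ValueError:
            counts["malformed"] += 1
            continue
        counts[name] += 1
        if name == "data":
            counts["data_protected" if protected else "data_clear"] += 1
    return counts


# Constructed sample headers (addresses are zero-filled placeholders).
PAD = bytes(22)
SAMPLE_FRAMES = [
    b"\x80\x00" + PAD,    # beacon: management, subtype 8
    b"\x40\x00" + PAD,    # probe request: management, subtype 4
    b"\xd4\x00" + bytes(8),  # ACK: control, subtype 13
    b"\x08\x41" + PAD,    # data, ToDS + Protected Frame set
    b"\x08\x01" + PAD,    # data, ToDS, not protected
    b"\x80",              # truncated capture record
]

if __name__ == "__main__":
    for key, value in sorted(summarize(SAMPLE_FRAMES).items()):
        print(f"{key:15} {value}")
```

A capture that shows only `management` and `control` counts matches the symptom described in the first message; a non-zero `data_protected` count means encrypted data frames are reaching the sniffer.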