It works! Thanks a lot Joshua! But, of course, now theres one more question: Is it normal that I can only see broadcast frames?? And only 802.11 management frames (Beacons and Probe requests) no actual application data, ICMP or whatever?
I hope this is not normal... SOme kind of setting maybe?? G -----Original Message----- From: Joshua Wright To: Gino Heyman Sent: 1/3/03 1:26 PM Subject: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0 Gino, Cool. Drop me a line if you need some assistance. I really like my Cisco 350 card - I use it for packet captures for all the wireless research projects I do. -Joshua Wright Team Leader, Networks and Systems Johnson & Wales University [EMAIL PROTECTED] http://home.jwu.edu/jwright/ pgpkey: http://home.jwu.edu/jwright/pgpkey.htm fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73 > -----Original Message----- > From: Gino Heyman [mailto:[EMAIL PROTECTED] > Sent: Friday, January 03, 2003 4:30 AM > To: Joshua Wright; '[EMAIL PROTECTED]' > Subject: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 > pcmcia adapter on Mandrake 9 .0 > > > Joshua, > > Thanks again. I think I'm almost there. Had quite some issues > building the > kernel last night, but I think I found the reason... Will > keep you informed. > > By the way Mdk 9.0 (2.4.19-16mdk) uses 'yenta_socket'... > > G > > -----Original Message----- > From: Joshua Wright [mailto:[EMAIL PROTECTED] > Sent: donderdag 2 januari 2003 14:02 > To: Gino Heyman; [EMAIL PROTECTED] > Subject: RE: [Ethereal-users] Sniffing 802.11b using the > Cisco 350 pcmcia > adapter on Mandrake 9 .0 > > Gino, > > You may be using a version of the Cisco Aironet drivers that > do not support > RFMON. David Hinds' pcmcia-cs package hasn't supported RFMON in their > supplied Aironet drivers for some time now, and the > airo-linux package on > sourceforge.net is unfortunately buggy in the current CVS files (and > correspondingly buggy in the 2.4.20 kernel). > > On my Slackware machines I am using the 2.4.20 kernel with > the pcmcia-cs > 3.2.1 package. Instead of using the supplied drivers with > pcmcia-cs, I > downloaded these three files from the airo-linux CVS archive > (thanks to Max > from remote-exploit.org for pointing these files out): > > http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo -linux/airo-li nux/kernel/airo.c?rev=1.34 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/air o-li nux/kernel/airo_cs.c?rev=1.4 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/air o-li nux/kernel/airo.h?rev=1.7 And copied them into my /usr/src/pcmcia-3.2.1/wireless directory. Then I rebuilt pcmcia-cs ("./Configure ; make all ; make install"), ran depmod and restarted my PCMCIA services from the init script ("/etc/rc.d/rc.pcmcia restart" on my system). If you are using the kernel services for PCMCIA and drivers, just copy these files over their respective counterparts in your /usr/src/linux tree and do a "make dep modules modules_install". Hope this helps. -Joshua Wright Team Leader, Networks and Systems Johnson & Wales University [EMAIL PROTECTED] http://home.jwu.edu/jwright/ pgpkey: http://home.jwu.edu/jwright/pgpkey.htm fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73 -----Original Message----- From: Gino Heyman [mailto:[EMAIL PROTECTED] Sent: Thursday, January 02, 2003 6:34 AM To: '[EMAIL PROTECTED]' Subject: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0 Hello there, I'm trying to do some sniffing with my Cisco 350 pcmcia WLAN adapter. From the various docs I've found this should be a piece of cake. I think I have all I need: latest libpcap, tcpdump and ethereal. The aironet drivers of the kernel should allow promiscuous mode, but when id echo 'Mode: r' or 'Mode: y' or 'Mode: rfmon' to /proc/driver/aironet/eth1/Config. I don't see any changes afterwards. Don't need to say that sniffing doesn't work... Has anybody got an idea on what might be wrong? Is my kernel driver not ok (Mandrake 9.0)? Thanks, G
