Wireshark · Ethereal-users: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0

Ethereal-users: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mand

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Joshua Wright" <Joshua.Wright@xxxxxxx>

Date: Thu, 2 Jan 2003 08:01:44 -0500

Gino,

You may be using a version of the Cisco Aironet drivers that do not support RFMON.  David Hinds' pcmcia-cs package hasn't supported RFMON in their supplied Aironet drivers for some time now, and the airo-linux package on sourceforge.net is unfortunately buggy in the current CVS files (and correspondingly buggy in the 2.4.20 kernel).

On my Slackware machines I am using the 2.4.20 kernel with the pcmcia-cs 3.2.1 package.  Instead of using the supplied drivers with pcmcia-cs, I downloaded these three files from the airo-linux CVS archive (thanks to Max from remote-exploit.org for pointing these files out):

http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-linux/kernel/airo.c?rev=1.34 
 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-linux/kernel/airo_cs.c?rev=1.4 
 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-linux/kernel/airo.h?rev=1.7

And copied them into my /usr/src/pcmcia-3.2.1/wireless directory.  Then I rebuilt pcmcia-cs ("./Configure ; make all ; make install"), ran depmod and restarted my PCMCIA services from the init script ("/etc/rc.d/rc.pcmcia restart" on my system).

If you are using the kernel services for PCMCIA and drivers, just copy these files over their respective counterparts in your /usr/src/linux tree and do a "make dep modules modules_install".

Hope this helps.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx 
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73



-----Original Message-----
From: Gino Heyman [mailto:Heyman.G@xxxxxxxxxxxx]
Sent: Thursday, January 02, 2003 6:34 AM
To: 'ethereal-users@xxxxxxxxxxxx'
Subject: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0


Hello there,
 
I'm trying to do some sniffing with my Cisco 350 pcmcia WLAN adapter. >From the various docs I've found this should be a piece of cake. I think I have all I need: latest libpcap, tcpdump and ethereal. The aironet drivers of the kernel should allow promiscuous mode, but when id echo 'Mode: r' or 'Mode: y' or 'Mode: rfmon' to /proc/driver/aironet/eth1/Config. I don't see any changes afterwards. Don't need to say that sniffing doesn't work...
 
Has anybody got an idea on what might be wrong? Is my kernel driver not ok (Mandrake 9.0)?
 
Thanks,
 
G

Prev by Date: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0
Next by Date: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0
Previous by thread: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0
Next by thread: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Mandrake 9 .0
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$