Ethereal-users: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia adapter on Man

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gino Heyman <Heyman.G@xxxxxxxxxxxx>
Date: Fri, 3 Jan 2003 10:29:38 +0100
Joshua,

Thanks again. I think I'm almost there. Had quite some issues building the
kernel last night, but I think I found the reason... Will keep you informed.

By the way Mdk 9.0 (2.4.19-16mdk) uses 'yenta_socket'...

G

-----Original Message-----
From: Joshua Wright [mailto:Joshua.Wright@xxxxxxx] 
Sent: donderdag 2 januari 2003 14:02
To: Gino Heyman; ethereal-users@xxxxxxxxxxxx
Subject: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia
adapter on Mandrake 9 .0

Gino,

You may be using a version of the Cisco Aironet drivers that do not support
RFMON.  David Hinds' pcmcia-cs package hasn't supported RFMON in their
supplied Aironet drivers for some time now, and the airo-linux package on
sourceforge.net is unfortunately buggy in the current CVS files (and
correspondingly buggy in the 2.4.20 kernel).

On my Slackware machines I am using the 2.4.20 kernel with the pcmcia-cs
3.2.1 package.  Instead of using the supplied drivers with pcmcia-cs, I
downloaded these three files from the airo-linux CVS archive (thanks to Max
from remote-exploit.org for pointing these files out):

http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-li
nux/kernel/airo.c?rev=1.34 
 
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-li
nux/kernel/airo_cs.c?rev=1.4 
 
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/airo-li
nux/kernel/airo.h?rev=1.7

And copied them into my /usr/src/pcmcia-3.2.1/wireless directory.  Then I
rebuilt pcmcia-cs ("./Configure ; make all ; make install"), ran depmod and
restarted my PCMCIA services from the init script ("/etc/rc.d/rc.pcmcia
restart" on my system).

If you are using the kernel services for PCMCIA and drivers, just copy these
files over their respective counterparts in your /usr/src/linux tree and do
a "make dep modules modules_install".

Hope this helps.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx 
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73



-----Original Message-----
From: Gino Heyman [mailto:Heyman.G@xxxxxxxxxxxx]
Sent: Thursday, January 02, 2003 6:34 AM
To: 'ethereal-users@xxxxxxxxxxxx'
Subject: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia
adapter on Mandrake 9 .0


Hello there,
 
I'm trying to do some sniffing with my Cisco 350 pcmcia WLAN adapter. From
the various docs I've found this should be a piece of cake. I think I have
all I need: latest libpcap, tcpdump and ethereal. The aironet drivers of the
kernel should allow promiscuous mode, but when id echo 'Mode: r' or 'Mode:
y' or 'Mode: rfmon' to /proc/driver/aironet/eth1/Config. I don't see any
changes afterwards. Don't need to say that sniffing doesn't work...
 
Has anybody got an idea on what might be wrong? Is my kernel driver not ok
(Mandrake 9.0)?
 
Thanks,
 
G