sniffing 802.11with Cisco Aironet 350

sniffing 802.11with Cisco Aironet 350

Post by Edu » Sat, 04 Jan 2003 05:02:15



Hi,

I'm trying to monitor 802.11 traffic with a Cisco Aironet 350 pcmcia card on
my laptop running a red Hat 7.3 (kernel 2.4.18-3). I've followed the steps
explained in http://www.cs.umd.edu/~npetroni/airo.html but it seems that
there is no way to put the card into rfmon mode. I have the latest drivers
from airo-linux (no need to patch?), latest libpcap (0.8), lastest tcpdump
and latest ethereal, but when I do

echo 'Mode: rfmon' > /proc/ ... /eth1/Config (strange, but it's not wifi0 as
I expected)

or

echo 'Mode: r' > /proc/ ... /eth1/Config
echo 'Mode: y' > /proc/ ... /eth1/Config

there is no change... Mode is always ESS

Can anybody help me?

Thanks in advance

Edu

 
 
 

sniffing 802.11with Cisco Aironet 350

Post by Kyler Lair » Sat, 04 Jan 2003 07:25:42



>I'm trying to monitor 802.11 traffic with a Cisco Aironet 350 pcmcia card on
>my laptop running a red Hat 7.3 (kernel 2.4.18-3).

I sniff a lot with a 350 and Kismet under Debian.

Quote:>I've followed the steps
>explained in http://www.cs.umd.edu/~npetroni/airo.html but it seems that
>there is no way to put the card into rfmon mode.

Do you have a cisco_monitor script?  Take a look at mine.

--kyler

=========================================================================
# cat `which cisco_monitor`
#!/bin/sh

prefix=/usr/local
ETC=${prefix}/etc

if test "$1" = ""; then
    device=`grep -e "^\ *capinterface *=" $ETC/kismet.conf | cut -d= -f2 | tr -d [:blank:]`
else
    device=$1
fi

if test "$device" = ""; then
    echo "Could not determine what capture device is being used."
    echo "Please make sure your 'capinterface=' is valid or specify the device on the $0 command"
        echo "line."
    exit 1
fi

iwconfig $device essid off
echo "Mode: r" > /proc/driver/aironet/$device/Config
echo "Mode: y" > /proc/driver/aironet/$device/Config
echo "XmitPower: 1" > /proc/driver/aironet/$device/Config
ifconfig $device up

 
 
 

1. URGENT HELP - Erratic behaviour in sniffing packets using an Aironet 350 series PCI card

I am trying to sniff packets using an Aironet 350 series PCI card, on
a 2.4.18-3 kernel. The problem is that it is very erratic. I send out
packets from my laptop which has an Orinoco Gold card. The sniffer
that I have written was working perfectly well, until suddenly,
without any change in software, the Aironet card stopped catching any
packets from the laptop. Just as suddenly, it started again, and is
now again not capturing any packets from the laptop. It is able to
sniff other packets perfectly, including the beacons. Both the cards
are on the same channel. The laptop is definitely sending packets as I
am accessing the internet on a wireless connection.

What could be the reason for the erratic behaviour while sniffing?

Thanks,
Vishal

2. dying harddrive?

3. Cisco Aironet 350 PCMCIA card. Which chipset?

4. BroadBand Problem

5. Cisco Aironet 350 HELP!

6. String wraparound in List widget on Solaris with Leo board

7. Cisco Aironet 350 Wireless PCI 802.11 card - problems!

8. New site

9. Cisco Aironet 350 series wireless NIC

10. Cisco aironet 350 wirless lan adapter

11. Please help on installing CISCO Aironet 350 PCMCIA Wireless on RH8

12. Cisco Aironet 350 pc card - bcard clears settings.

13. Cisco Aironet 350 Setup on Slackware 8.0