On Fri, Dec 06, 2002 at 09:46:19AM -0500, Greg Lumpkin wrote:
> I would like to use Ethereal to test the security of my Wi-Fi installations.
> Unfortunately, I have read on the website that 802.11 raw data capturing is
> not available yet on the Windows 2000 platform.
>
> Does anyone know when/if this will be available?
It will be available when:
Microsoft have a standard NDIS interface to allow "monitor mode"
to be turned on for an 802.11 interface;
suppliers of 802.11 cards modify their drivers to support that
interface;
WinPcap is changed to use that interface;
capture programs such as WinDump and Ethereal are changed, if
that's required, to get WinPcap to turn monitor mode on.
The list above is in "dependency order", i.e. the N+1st item on the list
can't be done until the Nth item is done. I have no idea when, if ever,
the first of those will be done.
> Is there a "workaround"?
1) use Linux or FreeBSD and one of the cards on which the OS in
question supports monitor mode:
http://www.ethereal.com/faq.html#q5.22
2) buy a WSP100 device and capture from it using Packetyzer:
http://www.packetyzer.com/
(Packetyzer isn't Ethereal, strictly speaking, but it is based on
the same packet decoding engine as Ethereal, is a native Windows
GUI app rather than a GTK+-for-Windows app, and appears, from
the screenshots, to have features that Ethereal doesn't
currently have).