[Gino Heyman <Heyman.G@xxxxxxxxxxxx>]

 It works! Thanks a lot Joshua!

But, of course, now theres one more question: Is it normal that I can only
see broadcast frames?? And only 802.11 management frames (Beacons and Probe
requests) no actual application data, ICMP or whatever?

I hope this is not normal... SOme kind of setting maybe??

G

-----Original Message-----
From: Joshua Wright
To: Gino Heyman
Sent: 1/3/03 1:26 PM
Subject: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia
adapter on Mandrake 9 .0

Gino,

Cool.  Drop me a line if you need some assistance.  I really like my
Cisco 350 card - I use it for packet captures for all the wireless
research projects I do.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx 
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73



> -----Original Message-----
> From: Gino Heyman [mailto:Heyman.G@xxxxxxxxxxxx]
> Sent: Friday, January 03, 2003 4:30 AM
> To: Joshua Wright; 'ethereal-users@xxxxxxxxxxxx'
> Subject: RE: [Ethereal-users] Sniffing 802.11b using the Cisco 350
> pcmcia adapter on Mandrake 9 .0
> 
> 
> Joshua,
> 
> Thanks again. I think I'm almost there. Had quite some issues 
> building the
> kernel last night, but I think I found the reason... Will 
> keep you informed.
> 
> By the way Mdk 9.0 (2.4.19-16mdk) uses 'yenta_socket'...
> 
> G
> 
> -----Original Message-----
> From: Joshua Wright [mailto:Joshua.Wright@xxxxxxx] 
> Sent: donderdag 2 januari 2003 14:02
> To: Gino Heyman; ethereal-users@xxxxxxxxxxxx
> Subject: RE: [Ethereal-users] Sniffing 802.11b using the 
> Cisco 350 pcmcia
> adapter on Mandrake 9 .0
> 
> Gino,
> 
> You may be using a version of the Cisco Aironet drivers that 
> do not support
> RFMON.  David Hinds' pcmcia-cs package hasn't supported RFMON in their
> supplied Aironet drivers for some time now, and the 
> airo-linux package on
> sourceforge.net is unfortunately buggy in the current CVS files (and
> correspondingly buggy in the 2.4.20 kernel).
> 
> On my Slackware machines I am using the 2.4.20 kernel with 
> the pcmcia-cs
> 3.2.1 package.  Instead of using the supplied drivers with 
> pcmcia-cs, I
> downloaded these three files from the airo-linux CVS archive 
> (thanks to Max
> from remote-exploit.org for pointing these files out):
> 
> http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo
-linux/airo-li
nux/kernel/airo.c?rev=1.34 
 
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/air
o-li
nux/kernel/airo_cs.c?rev=1.4 
 
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/airo-linux/air
o-li
nux/kernel/airo.h?rev=1.7

And copied them into my /usr/src/pcmcia-3.2.1/wireless directory.  Then
I
rebuilt pcmcia-cs ("./Configure ; make all ; make install"), ran depmod
and
restarted my PCMCIA services from the init script ("/etc/rc.d/rc.pcmcia
restart" on my system).

If you are using the kernel services for PCMCIA and drivers, just copy
these
files over their respective counterparts in your /usr/src/linux tree and
do
a "make dep modules modules_install".

Hope this helps.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx 
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73



-----Original Message-----
From: Gino Heyman [mailto:Heyman.G@xxxxxxxxxxxx]
Sent: Thursday, January 02, 2003 6:34 AM
To: 'ethereal-users@xxxxxxxxxxxx'
Subject: [Ethereal-users] Sniffing 802.11b using the Cisco 350 pcmcia
adapter on Mandrake 9 .0


Hello there,
 
I'm trying to do some sniffing with my Cisco 350 pcmcia WLAN adapter.
From
the various docs I've found this should be a piece of cake. I think I
have
all I need: latest libpcap, tcpdump and ethereal. The aironet drivers of
the
kernel should allow promiscuous mode, but when id echo 'Mode: r' or
'Mode:
y' or 'Mode: rfmon' to /proc/driver/aironet/eth1/Config. I don't see any
changes afterwards. Don't need to say that sniffing doesn't work...
 
Has anybody got an idea on what might be wrong? Is my kernel driver not
ok
(Mandrake 9.0)?
 
Thanks,
 
G