Re: prism2ethereal


From: Jouni Malinen (jkm_at_ssh.com)
Date: 2002-03-21 05:14:27 UTC



On Wed, Mar 20, 2002 at 03:14:43PM -0800, Masanori Nakahara wrote:

> Now, trying to capture raw frames and to analyze them.
> There are two tools in sniff directory in prism2 packages.
> "wlansniff" seems to correctly work after running
> "iwpriv wlan0 monitor 1". I just see output like tcpdump
> on stdout.

> However, I can't see any output with running "prism2ethereal"
> after running "iwprv wlan0 monitor 2". Do I need additional
> setting?

prism2ethereal uses monitor mode 1 just like wlansniff. It is supposed (haven't tested it for a while ;-)) to create a dump file (to stdout?) that can be read to Ethereal.

Monitor mode 2 changes the wlan0 device to include 802.11 header so that it can be sniffed directly, e.g., using Ethereal, so that there is no need for temporary files. This requires quite new version of libpcap. In addition, this does not include the Prism2 specific RX header (that has, e.g., signal quality info, etc.).

-- 
Jouni Malinen
SSH Communications Security Corp
jouni.malinen_at_ssh.com


This archive was generated by hypermail 2.1.4.