From owner-freebsd-mobile@FreeBSD.ORG Thu May 20 08:34:37 2004 Return-Path: Delivered-To: freebsd-mobile@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A66EB16A4CE for ; Thu, 20 May 2004 08:34:37 -0700 (PDT) Received: from poseidon.quiecom.com (poseidon.quiecom.com [66.98.144.73]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42A8743D41 for ; Thu, 20 May 2004 08:34:37 -0700 (PDT) (envelope-from fish@fish-mail.com) X-ClientAddr: 208.44.60.32 Received: from [10.1.130.39] (internet-user.jwt.com [208.44.60.32]) (authenticated (0 bits)) by poseidon.quiecom.com (8.11.6/8.11.6) with ESMTP id i4KFYNV24561; Thu, 20 May 2004 11:34:23 -0400 From: Fish To: Sam Leffler Date: Thu, 20 May 2004 11:38:52 -0400 User-Agent: KMail/1.6.2 References: <200405200904.37966.fish@fish-mail.com> <200405200825.06207.sam@errno.com> In-Reply-To: <200405200825.06207.sam@errno.com> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405201138.52801.fish@fish-mail.com> X-MailScanner-Information: Please contact the ISP for more information X-MailScanner: Found to be clean X-MailScanner-SpamCheck: not spam, SpamAssassin (score=-38.9, required 5, BAYES_01, EMAIL_ATTRIBUTION, IN_REP_TO, QUOTED_EMAIL_TEXT, REFERENCES, REPLY_WITH_QUOTES, USER_AGENT_KMAIL) cc: freebsd-mobile@freebsd.org Subject: Re: Orinoco Wireless Card and Monitor Mode w/ Kismet - No Longer Working? X-BeenThere: freebsd-mobile@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Mobile computing with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 May 2004 15:34:37 -0000 On Thursday 20 May 2004 11:25 am, Sam Leffler wrote: > On Thursday 20 May 2004 06:04 am, Fish wrote: > > When I built from source I configured with --enable-syspcap and used > > source=radiotap_fbsd_b,wi0,wtapb,10 as my source. > > You didn't mention what kernel you're running. radiotap support should > work fine in current. > > Sam Sorry, thought I said I was running -current, guess not. bash-2.05b$ uname -a FreeBSD somethingwicked 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun May 16 23:57:02 EDT 2004 fish@somethingwicked:/usr/obj/usr/src/sys/CURRENT-TWO i386 Here's the console output when I run the server... bash-2.05b$ sudo kismet_server Will drop privs to fish (1001) gid 1001 No specific sources given to be enabled, all will be enabled. Enabling channel hopping. Disabling channel splitting. Source 0 (wtapb): Enabling monitor mode for radiotap_fbsd_b source interface wi0 channel 10... Source 0 (wtapb): Opening radiotap_fbsd_b source interface wi0... WARNING: pcap reports link type of EN10MB but we'll fake it on BSD. This may not work the way we want it to. WARNING: Some Free- and Net- BSD drivers do not report rfmon packets correctly. Kismet will probably not run correctly. For better support, you should upgrade to a version of *BSD with Radiotap. Spawned channelc control process 12761 Dropped privs to fish (1001) gid 1001 Allowing clients to fetch WEP keys. Logging networks to /home/fish/kismet/20040520-Kismet-1-network.txt Logging cryptographically weak packets to /home/fish/kismet/20040520-Kismet-1-weak.txt Logging cisco product information to /home/fish/kismet/20040520-Kismet-1-cisco.txt Logging data to /home/fish/kismet/20040520-Kismet-1-dump.txt Writing data files to disk every 300 seconds. Mangling encrypted and fuzzy data packets. Tracking probe responses and associating probe networks. Reading AP manufacturer data and defaults from /usr/local/etc/ap_manuf Reading client manufacturer data and defaults from /usr/local/etc/client_manuf Dump file format: wiretap (local code) dump Crypt file format: airsnort (weak packet) dump Kismet 2004.04.R1 (Kismet) Logging data networks weak cisco Listening on port 2501. Allowing connections from 127.0.0.1/255.255.255.255 Registering builtin client/server protocols... Registering requested alerts... Registering builtin timer events... Gathering packets... ^CDidn't detect any networks, unlinking network list. Didn't detect any Cisco Discovery Packets, unlinking cisco dump Didn't capture any packets, unlinking dump file Didn't see any weak encryption packets, unlinking weak file Sending termination request to channel control child 12761... Waiting for channel control child 12761 to exit... WARNING: Sometimes cards don't always come out of monitor mode cleanly. If your card is not fully working, you may need to restart or reconfigure it for normal operation. Kismet exiting. Anything look amiss to anyone? Thanks, Fish