[Ilugc] Using tcpdump with wireless interface(Ralink chipset)
- From: m.sujith@xxxxxxxxx (Sujith Manoharan)
- Date: Thu May 3 09:39:10 2007
On Wed, 2007-05-02 at 18:43 +0530, ramprasad wrote:
Hi,
I am trying to install a wireless sniffer(tcpdump) on Linux(RH 9).
I have a Dlink PCI Card which comes with a ralink chipset.
I am able to put the card in Monitor mode but it doesn't show the contents
of the packets when tcpdump is used.
When the card is put in Infrastructure mode using iwconfig, I am able to see
the packets that are sent to the BSSID that I had configured for the card
using iwconfig.
Is it possible to see all the packets using tcpdump ? Any ideas why I am not
able to see the contents of the packets(beacons etc)
I tried using tcpdump with an Atheros chipset in Monitor mode and was
able to see all the packets.
Saving the dump from tcpdump and opening the file in Wireshark also
worked fine. Wireshark deciphered all the packets perfectly.
My version of tcpdump is :
tcpdump version 3.9.5
libpcap version 0.9.5
The commands I used:
sudo tcpdump -i ath1 -s 0 -n -vvv -XX
sudo tcpdump -i ath1 -s 0 -n -vvv -XX -w raw.dump
I don't have a card with a ralink chipset, so can't help you there :)
regards,
Sujith.
Other related posts:
