1

Topic: Monitor Mode Windows Atheros Wireless

In the FAQ is mentioned that it is possible to catch IVS under Windows - cite: You can catch (passive) IVS in applications Wireshark.. Suitable card with support in mentioned applications (chipset) Atheros.

Does it mean that it works under Windows monitor mode on CM9 in combination with catching by wireshark? I was trying it but it did not work :) I have drivers Airowizard pack (commview drivery), then I have run Wwireshark. I have not seen anything (and I should), I have my Access Point 10 meters from the PC.

2

Re: Monitor Mode Windows Atheros Wireless

If in the FAQ is mentioned that it is a passive collection (that means without injection) then why do you need  a monitor mode, besides that, monitor mode is a linux matter??

3 (edited by Xfyler 2008-06-03 15:37:57)

Re: Monitor Mode Windows Atheros Wireless

OK lets go right to the point. I need to sniff network traffic from Access Point that has mac auth. That means that I can not connect to it (is that correct?). So I need a monitor mode to overhear  some connected MAC and use it < by wireshark - is it possible? Or alternative applications under Windows. I think that this could be done by commview or airopeek(?)

Edit moderátor: There is written at the top that monitor mode is a linux matter. I don't understand why are you asking ten minutes later the same thing!

4 (edited by Michal 2008-06-03 15:40:58)

Re: Monitor Mode Windows Atheros Wireless

I tried the same thing with Atheros chipset AR 5212 and the same driver. Only AiroWizard 1.0 beta revision 250 started and CommView for Wifi. Wireshark did not work. You must have mixed up the terms... You probably meant that on AP is a MAC filter, right? Try CommView for Wifi.

5

Re: Monitor Mode Windows Atheros Wireless

The client device, including MAC, displays application AiroPeek, OmniPeek and CommView for WiFi. Monitor mode is a common name for drivers characteristic on Linux platform. There exist 2 commercial drivers in Windows (by tamosoftu and wildpackets) and as far as I know their characteristic is not described as monitor mode.

6

Re: Monitor Mode Windows Atheros Wireless

moderátor wrote:

There is written at the top that monitor mode is a linux matter..

... OK but how do you call the thing that is possible thanks to airserv and airdump on windows? ...I think we are playing with words ... but I'm looking for function

7

Re: Monitor Mode Windows Atheros Wireless

That is called an ugly hack - literally. Unless you use a linux driver in Windows..

8

Re: Monitor Mode Windows Atheros Wireless

I still don't understand how to capture IVs Wiresharkem under windows... what shall I do?

9

Re: Monitor Mode Windows Atheros Wireless

Xfyler wrote:

I still don't understand how to capture IVs Wiresharkem under windows... what shall I do?

Ho guy, I have written few lines above that I have done it on chipset Atheros with the same driver and Wireshark did not work. I also advised to use CommView for WiFi. You can find the MAC easily there...

10

Re: Monitor Mode Windows Atheros Wireless

Then there is a mistake in FAQ .. In FAQ is that you can capture IVS under Windows - quote: You can catch (passive) IVS in applications Wireshark... Suitable card with support in mentioned applications (chipset) Atheros. P.s: Last comments are not to quote

11

Re: Monitor Mode Windows Atheros Wireless

There is no mistake. The mistake is that when you quote you left out a whole part! I see there a comment about wireless cards at the end and when there is a remark about supported card type it is obvious that it refers to the commercial applications. The use of Wireshark was never conditioned by special driver installation with defined list of wifi cards. The remark about Wireshark is at the beginning and there is a comment "passive"!..

12

Re: Monitor Mode Windows Atheros Wireless

If I understand it well then I can capture IVs only in "monitor mode", because I can not connect to AP if I don't know the WEP key

13

Re: Monitor Mode Windows Atheros Wireless

No, you don't understand it. For capturing random data is enough when the card is not throwing away packets with different MAC address and that has nothing to do with monitor mode. There is even a card that is able to work in monitor mode and it can't  be used anyway for the data capture. Capturing data conditioned by connecting to Access Point is a story.

14

Re: Monitor Mode Windows Atheros Wireless

Capturing the IV's (under Windows operating systems) is possible with CommView for WiFi or OmniPeek.