Wireshark-users: [Wireshark-users] ZD1211B in monitor mode only captures Beacon and Probes with W
Guys I have one serious problem capturing packets using a ZD1211B chip based
usb dongle on Fedora 7 and Wireshark
I've struggled to change my wireless usb dongle to monitor mode but now I
know how to do it.
Here's the code:
/sbin/service NetworkManager stop
/sbin/chkconfig NetworkManager off
/sbin/ifconfig wlan0 down
/sbin/iwconfig wlan0 mode monitor
/sbin/ifconfig wlan0 up
/sbin/iwconfig wlan0 channel 11
/sbin/iwconfig wlan0
wlan0 IEEE 802.11g Mode:Monitor Frequency:2.462 GHz
Retry min limit:7 RTS thr:off Fragment thr=2346 B
Encryption key:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
Then I open Wireshark hit capture interfaces (with promiscuous mode seleted)
and right there my wlan0 starts to count packets.
But when I start capturing I only get Beacons Probes and unresolved.
In my last capture for 3.5 hours I got around 200.000 packets mostly beacons
probes and only 2 of them were IPX.
No http or any other protocols were found and I got around 50 endpoints and
10 diferent SSID's!!
Besides my WLAN using Windows and Fedora 7 I've found 4 medium/low signal
WLAN beaconing their SSID...
Something has to be wrong!!!!
Can you help me solve this?
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
