I'm Sorry, Open Source Sniffers
About a month ago I went on a petulant rant about how frustrating it can be to work with open source WiFi sniffers. Well, I'm sorry. It turns out that using the DWL-G122 with KisMAC is pretty darned simple.
For those that haven't read the previous post, here's the basic setup:
- Mac OS X laptop (I'm using 10.6 now, but 10.5, 10.4, etc. have all worked for me.)
- D-Link DWL-G122 802.11b/g USB adapter
- Wireshark (latest version)
- KisMAC (latest version)
To do free sniffing with this setup, you just go into Preferences -> Driver in KisMAC and select the RT2750 driver. Then you choose a file path for the resulting Dump file and begin your capture. After the KisMAC capture has begun, you can open Wireshark and then just open the dump file.
The capture won't be live because you're capturing in one application (KisMAC) and viewing the captured frames in another (Wireshark), but you can always just hit Reload in Wireshark to get the latest frames that KisMAC has captured.
In my aforementioned previous post, I decried the fact that the DWL-G122 was missing all control frames (Acknowledgments, Clear-To-Sends, etc.) and most data frames. Well, no longer. I have no idea why, but now it's working well. As I've come to expect with open source software, there are times when you'll have to close and reopen KisMAC or reboot the computer to get the capture going the way it's supposed to work, but I find that's a small price to pay for free sniffing.
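A quick way to confirm that a dump actually contains the control frames discussed above is to tally frames by 802.11 type. The script below is an added example, not part of the original post or of KisMAC; it assumes the dump is a classic pcap file with a raw 802.11 or radiotap link type, and the names `count_frames` and `sample_dump` are made up for illustration.

```python
import struct
import sys
from collections import Counter

TYPES = {0: "management", 1: "control", 2: "data", 3: "extension"}
CTRL = {11: "RTS", 12: "CTS", 13: "ACK"}  # control subtypes worth checking
DLT_IEEE802_11, DLT_RADIOTAP = 105, 127   # pcap link types for WiFi captures
ENDIAN = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # pcap magic

def count_frames(dump: bytes) -> Counter:
    """Count 802.11 frames by type (and control subtype) in a classic pcap."""
    end = ENDIAN.get(dump[:4])
    if end is None or len(dump) < 24:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(end + "I", dump[20:24])[0]
    if linktype not in (DLT_IEEE802_11, DLT_RADIOTAP):
        raise ValueError(f"unexpected link type {linktype}")
    counts, off = Counter(), 24
    while off + 16 <= len(dump):
        incl = struct.unpack(end + "I", dump[off + 8:off + 12])[0]
        pkt = dump[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(pkt) < incl:  # last record cut off: capture still being written
            counts["truncated"] += 1
            break
        if linktype == DLT_RADIOTAP:  # skip the little-endian radiotap header
            rt_len = struct.unpack("<H", pkt[2:4])[0] if len(pkt) >= 4 else len(pkt)
            pkt = pkt[rt_len:]
        if len(pkt) < 2:
            counts["short"] += 1
            continue
        ftype, subtype = (pkt[0] >> 2) & 3, (pkt[0] >> 4) & 0xF
        counts[TYPES[ftype]] += 1
        if ftype == 1 and subtype in CTRL:
            counts[CTRL[subtype]] += 1
    return counts

def sample_dump() -> bytes:
    """Constructed capture: one beacon, one data frame, one ACK, one CTS."""
    frames = [b"\x80\x00" + bytes(22), b"\x08\x01" + bytes(22),
              b"\xd4\x00" + bytes(8), b"\xc4\x00" + bytes(8)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, DLT_IEEE802_11)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_dump()
    print(dict(count_frames(data)))
```

Run it with the path to the dump file as the only argument. A control count of zero on a busy channel points to the missing-frames problem described above.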
For OS X users, I'd recommend this setup as strongly as possible. You do miss out on 802.11a and 802.11n captures, but it really is your best option for sniffing most WLANs.
NOTE: In my previous post I promised an overview of the MiFi 2200 from Novatel on Verizon Wireless. Sadly, my girlfriend is still hogging the MiFi and I haven't been able to sniff it yet. I should have some time to do it next week, so look forward to that post relatively soon.