Kismet Wireless

Kismet Forums

 

Posted by:goku1
Subject:Kismet discards good packets
Date:16:03:08 03/06/2006

Hi all. I'm trying to do a test using Kismet with an Atheros chipset. I can start kismet in monitor mode without problems. But it seems kismet sees only management and broadcast packets. All directed packets kismet lists as "discarded". I noticed also 2 things that I don't understand:

1) The network I connect to is listed as using WEP. However, nobody uses any key to connect. We access the network just through a user & passwd system. (The network is used by students in my residence). Is kismet getting something wrong or it's normal? Could that be the reason why packets are discarded?
2) The count of encrypted packets in kismet was increasing (On the right panel of kismet interface). Those packets came only from a T-mobile network (a public network providing internet connection under subscription). T-mobile is listed as "unencrypted" in kismet. Then why does it show some crypted pakets?
(Screenshot: http://vsla.eresmas.com/files/kismet2.html)

Anyone knows why kismet discards all direct packets? I'm using Kismet version 2005.04.R1a. I installed it from the Debian packages in Sarge. The relevant configuration parameters are copied below.(I posted the question in Debian mailing list but no one replied).
The driver of my Atheros card (a TP-LINK TL-WN510) was compiled using madwifi sources. The sources were downloaded from debian.org and didn't give any error in the compilation. As the debian way, I created a .deb package using make-kpkg.

I wonder if I'm missing any piece in kismet config or any other small silly thing (I'm no expert in networking). Please, tell me if you need any more details about my system.

Thanks

-David

__________________________________________________________________________
/etc/kismet/kismet.conf
# User to setid to (should be your normal user)
suiduser=david

# Sources are defined as:
source=madwifi_g,ath0,tplink

# Do we log corrupt packets? Logging these is usually not a bad idea.
corruptlog=true



lspci -vv (Info about my card's chipset)
0000:06:00.0 Ethernet controller: Atheros Communications, Inc.: Unknown device 001a (rev 01)
Subsystem: Atheros Communications, Inc.: Unknown device 1052
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR-
Latency: 168 (2500ns min, 7000ns max), Cache Line Size: 0x08 (32 bytes)
Interrupt: pin A routed to IRQ 11
Region 0: Memory at 10c00000 (32-bit, non-prefetchable) [size=64K]
Capabilities: [44] Power Management version 2
Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
Status: D0 PME-Enable- DSel=0 DScale=2 PME-



iwconfig ath0 (Info when the card is 'connected' to the access point)
IEEE 802.11g ESSID:"justaname"
Mode:Managed Frequency:2.417 GHz Access Point: 00:17:0E:D9:C3:20
Bit Rate:36 Mb/s Tx-Power:18 dBm Sensitivity=0/3
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=43/94 Signal level=-52 dBm Noise level=-95 dBm
Rx invalid nwid:46 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:1 Invalid misc:1 Missed beacon:0


Reply to this message