Kismet Wireless

Kismet Forums


Posted by:wingcom
Subject:Kismet not capturing all traffic on Senao PrismII (and i'm not hopping)
Date:10:46:43 01/03/2007

Hey people,

I don't know if this is really the right place to post this as I'm not sure this has anything to do with kismet at all but I saw a post here by Dragorn that gave me a little bit more hope. First my problem:

Kismet (but also ethereal) is not capturing all my traffic in Monitor mode nor in Promiscuous mode. Ive edited /etc/kismet.conf to disable channel hopping and had my source start at channel 9 which in the kismet gui itself all looks good -> it now only looks at my wireless network. Good. Then I fired up my laptop who is connected to the same accesspoint, same wireless net. I performd 3 pings, 2 times to the AP itself, 1 to google and I opend 2 websites and browsed them. Ive done this same routine on my wired net and there I see all traffic but in my wireless setup I only see "some" echo replys or pings and only parts of the http traffic.

Ive turned off channel hopping in kismet. Turned of Roaming (Mandriva 2007 wizard is set to Monitor now too, you never know with these wizard things). Started Monitor mode again with airmon-ng start wlan0 9 and started capturing.

The firmware for my Senao card (PrismII 2.5) is:
Socket 0 Device 0: [hostap_cs] (bus ID: 0.0)
Configuration: state: on
Product Name: INTERSIL HFA384x/IEEE Version 01.02
Identification: manf_id: 0x0156 card_id: 0x0002
function: 6 (network)
prod_id(1): "INTERSIL" (0x74c5e40d)
prod_id(2): "HFA384x/IEEE" (0xdb472a18)
prod_id(3): "Version 01.02" (0x4b74baa0)
prod_id(4): --- (---)

Host AP driver diagnostics information for 'wlan0'

NICID: id=0x800c v1.0.0 (PRISM II (2.5) PCMCIA (SST parallel flash))
PRIID: id=0x0015 v1.1.1
STAID: id=0x001f v1.7.4 (station firmware)

Now why am I posting this here then?
I saw this (part of) post by dragorn:

1 Not missing the packets you think you are
2 Channel hopping in firmware, kismet at the moment on the wrt expects it to be in ap+rfmon, and sets it so itself.
3 Getting collisions and other noise on the channel
4 Hitting limitations and bugs in the broadcom driver
5 Filtering frames. Look at your kismet.conf. By default, a lot of junk is filtered out.
6 Getting frames so corrupted they're rejected by the kismet 802.11 validator as garbage.

1 -> I am sure I am missing packets
2 -> I guess it must be something like this cus also in an other distribution I have the same trouble but how can I check this and fix this?
3 -> Dunno for sure but I am on channel 9 and my neighbour is on channel 5 so I respect that 3 channel seperation margin right?
4 -> not broadcom but well known prismII chipset so...
5 -> by default it doesn't look like its filtering anything? It looks like its all commented out in kismet.conf
6 -> Dunno so again: how can I check this?

My best bet is option number 2, it looks and smells like that so its probably it. But what should I do to fix this?

Reply to this message