Kismet Wireless

Kismet Forums


Posted by:dragorn
Subject:Only type 802.11a and channel 0 reported in kismet (ath9k)?
Date:18:57:30 23/04/2012

> > Kismet pulls it off the per-packet headers; I'd guess your drivers are returning bogus radiotap headers.
> >
> > You could try looking at the wlanXmon interface in wireshark while kismet is running to get some additional info; look at the radiotap portion of the packet headers.
> >
> > Try upgrading your drivers - either to the latest kernel or to wireless-compat.
> Ya, those are good ideas. Both Kismet and Wireshark report bogus mode/chan info, but why would wireless-tools (iwlist) report correct? Perhaps because iwlist is looking at wlan1 while kismet/wireshark is pulling from the monitor interface (wlan1mon)..? Cool, thanks for the ideas, we'll try that.

Because iwlist uses the firmware assist to query, where as wireshark and kismet use the data reported by the drivers. It's a driver bug that it is reporting bogus info in the radiotap header.

Kismet uses the per-packet data because:

a) on 802.11a the beacon doesn't contain a channel record, because the channels are non-overlapping; the only place to get the channel is from the phy layer

b) kismet tries to catch things happening that are wrong; someone can advertise a beacon incorrectly advertising another channel, etc.

Reply to this message