James G. Sack (jim) wrote:
Christoph Maier wrote:
[snip]
Submitted as bug: https://bugs.launchpad.net/ubuntu/+bug/242727
Nice piece of diagnostics.
What is the setup to do this? Where was kismet running -- just any
nearby host? Which log(s) did you analyze? Could you summarize any
config or command-line options needed to get the desired log output.
The setup involved two laptops with wireless enabled. The wireless cards
had to support rfmon mode. That leaves out stuff that runs only with
ndiswrapper.
Kismet <http://www.kismetwireless.net/> was used to do the packet
capture. When Kismet starts, it immediately starts scanning and
capturing all the packets it detects. I selected to sort the displayed
detected networks (makes the display stable) and then lock onto the
network of the Cisco Linksys router. This (hopefully) allowed capturing
all the packets involved in the exchange between the access point and
Christoph's laptop. The laptops and the access point were only a few
meters apart. I recorded a full sequence of Christoph's laptop trying to
connect to the access point.
When I was done, Christoph and I switched roles, where he recorded me
successfully connecting to the access point. The log files from Kismet
are the same format as Wireshark (previously known as Ethereal)/tcpdump.
That allowed the packet streams to be analyzed by any tool that can
understand tcpdump output, such as Wireshark.
You'll have to get Christoph to explain which tools he used to do the
comparison.
Gus
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
