Kismet - Probably problems with ath0 (IBM brand)?
Hello everybody,

Some days ago I've written a mail that the Kismet I'm running just fetches Beacon-Frames but no other data, not even if I sit next to the PC of my friend who's downloading whole ISOs (via WLAN). I went to the IRC-Channel of the Kismet-Project and the author asked me to provide tcpdump-Logs.

So I switched the card into monitor mode (by hand via ifconfig) and started it up (also via ifconfig). Then I started tcpdump and on another screen kismet. And now the wonder happened: now kismet can receive data (crypted) packets and not just Beacon-Frames. But tcpdump is not logging anything even though it's running in parallel.

Setting the card by hand into monitor mode doesn't affect kismet's behavior because kismet is setting the card into promisc mode itself. So I've tested if it's related to tcpdump, and if I don't start tcpdump before I start kismet I don't get other frames except the Beacon-Frames (no data). But if I run tcpdump on the other screen, tcpdump itself claims to receive no data (tcpdump -w LOG.raw -i ath0) and the logfile stays at 2KB (not growing).

I'm using OpenBSD 4.0-Beta (installed ~ last weekend with the snapshot available there) on an IBM Thinkpad R51 + a mini-PCI Atheros card (from IBM).

Are there any known issues with Atheros cards from IBM? I've no clue where the error could be. All I can say is that kismet works if I start tcpdump first (but then tcpdump logs nothing).

Any suggestions (because I don't think that's normal behavior)?

Kind regards,
Sebastian
Re: Kismet - Probably problems with ath0 (IBM brand)?
Hi Sebastian.

On 10/13/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> Hello everybody,
> [... snipp ...]

Yes this is a problem with kismet (even the current svn snapshot).
It was already mentioned a while ago:
http://marc.theaimsgroup.com/?l=openbsd-miscm=115548207902728w=2

Due to the lack of a recent mailing list (only a forum) I didn't report this to the kismet developers.

Andreas.

--
Hobbes : Shouldn't we read the instructions?
Calvin : Do I look like a sissy?
Re: Kismet - Probably problems with ath0 (IBM brand)?
Hi,

On Fri, Oct 13, 2006 at 04:00:09PM +0200, Andreas Maus wrote:
> It was already mentioned a while ago:
> http://marc.theaimsgroup.com/?l=openbsd-miscm=115548207902728w=2
>
> Due to the lack of a recent mailing list (only a forum) I didn't report this
> to the kismet developers.

Unfortunately, I've no ath(4) available. I'll see whether I can do something next week. I'll also drop a mail to upstream.

It would be nice if other people could verify whether this is really ath(4) specific (afaik, at least wi(4) and ral(4) are fine).

Ciao,
Kili

--
It takes a vax to find such bugs.
-- Miod Vallat
Re: Kismet - Probably problems with ath0 (IBM brand)?
> Yes this is a problem with kismet (even the current svn snapshot).

Maybe, it depends how you look at it. Ath(4) devices have problems (partly) because Kismet configures net80211 based capture sources to IFM_AUTO on OpenBSD. Only ath(4) has a problem with this, IFM_AUTO is the correct way to go.

There are a lot of things on my list that I would like to do to Kismet before Kili updates the port, but as he knows I have very little time. Adding ugly workarounds for hardware made by vendors that belligerently refuse to release docs to the open source community is not one of them.

The real problem here is that you chose Atheros. Don't blame Kismet.
Re: Kismet - Probably problems with ath0 (IBM brand)?
> dmesg

Why? It's no OpenBSD-Bug. It's Kismet which is buggy. Because Kismet uses RADIOTAP even my card shouldn't matter.

But hell.. HERE IS THE DMESG (which is absolutely NOT needed in this case I think):

OpenBSD 4.0-current (GENERIC) #0: Mon Oct 9 18:44:29 CEST 2006
    [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1.60GHz (GenuineIntel 686-class) 1.60 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2
cpu0: Enhanced SpeedStep 1600 MHz (1340 mV): speeds: 1600, 1400, 1200, 1000, 800, 600 MHz
real mem = 804220928 (785372K)
avail mem = 725139456 (708144K)
using 4256 buffers containing 4012 bytes (39388K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(96) BIOS, date 10/13/05, BIOS32 rev. 0 @ 0xfd750, SMBIOS rev. 2.33 @ 0xe0010 (61 entries)
bios0: IBM 1830WAY
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 100%
apm0: AC on, battery charge high
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 0xe/0x1
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M7 LW rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81
pci2 at ppb1 bus 2
cbb0 at pci2 dev 0 function 0 TI PCI4520 CardBus rev 0x01: irq 11
TI PCI4520 FireWire rev 0x01 at pci2 dev 0 function 2 not configured
em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03: irq 11, address xx.xxx.xxx.xx.x
ath0 at pci2 dev 2 function 0 Atheros AR5212 (IBM MiniPCI) rev 0x01: irq 11
ath0: AR5213 5.6 phy 4.1 rf5111 1.7 rf2111 2.3, WOR1W, address xx:xx:xx:xx
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0
pcmcia0 at cardslot0
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: IC25N060ATMR04-0
wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: MATSHITA, DVD-RAM UJ-830S, 1.02 SCSI0 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 11
iic0 at ichiic0
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 AC97
ac97: codec id 0x41445374 (Analog Devices AD1981B)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auich0
Intel 82801DB Modem rev 0x01 at pci0 dev 31 function 6 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt2 at isa0 port 0x3bc/4: polled
aps0 at isa0 port 0x1600/31
npx0 at isa0 port 0xf0/16: using exception 16
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask eff5 netmask eff5 ttymask fff7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302

Btw: OT: Does oBSD support any Modems (build in?) :)

Kind regards,
Sebastian
Re: Kismet - Probably problems with ath0 (IBM brand)?
> Hi,
>
> On Fri, Oct 13, 2006 at 04:00:09PM +0200, Andreas Maus wrote:
> > It was already mentioned a while ago:
> > http://marc.theaimsgroup.com/?l=openbsd-miscm=115548207902728w=2
> >
> > Due to the lack of a recent mailing list (only a forum) I didn't report this
> > to the kismet developers.
>
> Unfortunately, I've no ath(4) available. I'll see whether I can do
> something next week. I'll also drop a mail to upstream.
>
> It would be nice if other people could verify whether this is really
> ath(4) specific (afaik, at least wi(4) and ral(4) are fine).
>
> Ciao,
> Kili

--- Crossposted to bugs@ to report the Bug! ---

Well I've a USB-Stick which uses the wi-Driver but I never made Kismet play with it. But I've retried with a USB-WLAN-Stick. It does not support monitor-mode but I got a NEAT Bug while using the hostap-Mode (which IS supported according to the ifconfig -m wi0 output):

ddb trace
bcopy(d1718000,1,0,e8e17908,44) at bcopy+0x1a
wi_mngt_xmit(d1718000,d1719238,20,d1718000,d071a8a8) at wi_mngt_xmit+0x6e
wihap_sta_disassoc(d1718000,d071c560,8) at wihap_shutdown+0xe2
wi_stop(d1718000,0,0,04) at wi_stop+0x11
wi_init_io(d1718000,b,d0758408,d1718030,d1676800) at wi_init_io+0x8cf
wi_init_usb(d1718000,d16768000,404,e8e17e68) at wi_init_usb+0x1e
wi_ioctl(d1718030,801269ee,e8e17e68,d739ba04,0) at wi_ioctl+0x1f1
wi_ioctl_usb(d1718030,801269ee,e8e17e68,e8e17e68,e8e17e68) at wi_ioctl_usb+0x28
in_control(d75470d0m801269ee,e8e17e68,d1718030,d111c128,e8e17e20,19573405) at in_control+0x122
ifioctl(d75470d0,801269ee,e8e17e68,d739ba04,0) at ifioctl+0x18f
sys_ioctl(d739ba04,e8e17f68,e8e17f58,4,29) at sys_ioctl+0x125
syscall() at syscall+0x2ea
--- syscall (number 54) ---
0x1c007a95

Sorry for no ps-Output but it's really a pity to type everything by hand!
Programs which did run: ksh, kismet, ifconfig

ddb includes hangman but no possibility to save the file (and there's no entry about how to do it in the Faqs (at least as the last time I've checked the website)) :-(

DMESG (snapshot is from last weekend, I just compiled an own Kernel which is 100% GENERIC)
Re: Kismet - Probably problems with ath0 (IBM brand)?
Hi.

On 10/13/06, Matthias Kilian [EMAIL PROTECTED] wrote:
> > to the kismet developers.
>
> Unfortunately, I've no ath(4) available. I'll see whether I can do
> something next week. I'll also drop a mail to upstream.
>
> It would be nice if other people could verify whether this is really
> ath(4) specific (afaik, at least wi(4) and ral(4) are fine).

Tested with an RALink card (RaLink RT2500) and kismet works with this card.

Andreas.

--
Hobbes : Shouldn't we read the instructions?
Calvin : Do I look like a sissy?