Not finding any packets is a giveaway that it is not succeeding in putting
the adapter in promiscuous mode. If it is possible, try disabling
promiscuous mode and see if you suddenly start seeing local host traffic. If
you do, you are seeing "virtual" Ethernet traffic from the vendor's driver,
which does not include raw frames.
It's one thing to port a Linux app to Windows - to get it to compile and
execute, and even talk to the vendor's NDIS driver. It's quite another thing
to get the driver to do what you want. Ethernet drivers on Windows do have a
standard way to turn on promiscuous mode, wifi drivers do not. Ethereal
works just fine for me in raw mode on Ethernet, but you can forget wifi.
Tools like Ethereal use winpcap (
http://winpcap.mirror.ethereal.com/) to
capture packets. I quote from their FAQ (the developers are Italian, excuse
their English):
"Wireless adapters are not granted to work: some of them are not detected,
other don't support promiscuous mode. In the best case, WinPcap is able to
see an Ethernet emulation and not the real transiting packets. "
See question 16 at
http://winpcap.mirror.ethereal.com/misc/faq.htm.
I wish someone would port some Linux drivers to work under Windows, but
there is understandably little interest in that. Linux folks will just ask
you why you are not using Linux.
By the way, there is a serious roadblock in porting some Linux drivers to
Windows. Wifi devices are "software radios". The same adapter is tested with
one firmware/driver version in the U.S., to comply with FCC regulations, and
another in Europe to comply with ETSI regulations. It's the same
electronics, but the firmware and/or driver configure the chipset
differently. Vendors do not want to risk having their devices used in
illegal ways, so some Linux drivers (the Atheros madwifi driver, for
example) sit over a binary-only hardware adaptation layer that restricts the
set of functions that can be used. This prevents, for example, a European
user from cranking up the transmit power (some vendors ship adapters in
Europe with transmit power throttled back by 3dB to avoid having to
implement adaptive throttling).
For these chipsets, the binary layer has to be ported too. The Atheros HAL
was developed by a private contractor engaged by Atheros. Any port to
Windows would have to be done by the contractor with Atheros' agreement, and
so far that does not appear to be a priority. Without this layer - or access
to the proprietary documents that describe the register sets for the chips -
the only other way to make it work would be to use someone else's
proprietrary driver filched from demo software. THIS IS ILLEGAL, AND I DO
NOT RECOMMEND IT.
"hc" <(E-Mail Removed)> wrote in message news:br5ek1$5tk$(E-Mail Removed)...
> (E-Mail Removed) wrote:
>
> > Over on http://airsnort.shmoo.com/windows.html
> > the airsnort developer says he has a version working in alpha, but
> > that was last modified in February and there doesn't seem to have been
> > any work on it done since then.
> >
> > Has anyone here got it working with XP? Has any further development
> > been done since 2/03? Are there any equivalent packages from other
> > sources which work with Windows? T-Y.
> I found the binaries for windows somewhere in the web. It startet but it
> couldn't find any packets - get your driver working under linux and you
> made a big step forward to airsnort
>
Similar Threads
Linear Mode
