PDA

View Full Version : Orinoco Monitor Mode in Knoppix 3.4 with 2.6 kernel



booty
05-11-2004, 07:46 PM
I have a Dell 1150 Truemoblie wifi card (ie Orinoco Gold). I can't seem to (ever) get monitor mode to work in airsnort! Oh yeah and Kismet doesn't work either!

When I run knoppix26 to connect to my network I take these steps.
1. Run netcardconfig, select eth0, and dhcp broadcast.
2. Launch wavelan and close netcardconfig (before it fails).
3. I enter my sid and my wep key
4. pump -i eth0 and I'm good.

here is my iwpriv and lsmod it looks like orinoco.cs is loaded (I assume it is the patched version), but as you can see iwpriv does not show monitor:

knoppix@ttyp0[knoppix]$ iwpriv eth0
eth0 Available private ioctl :
force_reset (8BE0) : set 0 & get 0
card_reset (8BE1) : set 0 & get 0
set_port3 (8BE2) : set 1 int & get 0
get_port3 (8BE3) : set 0 & get 1 int
set_preamble (8BE4) : set 1 int & get 0
get_preamble (8BE5) : set 0 & get 1 int
set_ibssport (8BE6) : set 1 int & get 0
get_ibssport (8BE7) : set 0 & get 1 int
dump_recs (8BFF) : set 0 & get 0



knoppix@ttyp0[knoppix]$ lsmod
Module Size Used by
md5 8064 1
ipv6 248320 6
snd_mixer_oss 19200 0
via_agp 9984 0
sworks_agp 11424 0
sis_agp 9600 0
nvidia_agp 10140 0
intel_mch_agp 12044 0
intel_agp 18968 1
efficeon_agp 10624 0
ati_agp 10636 0
amd64_agp 12872 0
amd_k7_agp 10124 0
ali_agp 9600 0
agpgart 32204 11 via_agp,sworks_agp,sis_agp,nvidia_agp,intel_mch_ag p,intel_agp,efficeon_agp,ati_agp,amd64_agp,amd_k7_ agp,ali_agp
autofs 19584 1
i810_audio 34704 1
ac97_codec 19840 1 i810_audio
b44 23680 0
snd_intel8x0m 20228 0
snd_ac97_codec 59396 1 snd_intel8x0m
snd_pcm 87808 1 snd_intel8x0m
snd_timer 26240 1 snd_pcm
snd 50692 5 snd_mixer_oss,snd_intel8x0m,snd_ac97_codec,snd_pcm ,snd_timer
soundcore 12000 3 i810_audio,snd
snd_page_alloc 13188 2 snd_intel8x0m,snd_pcm
parport_pc 38176 0
parport 39104 1 parport_pc
8250 34208 0
serial_core 23168 1 8250
joydev 13504 0
evdev 12416 0
tsdev 9984 0
hid 46400 0
af_packet 21636 0
orinoco_cs 11784 1
orinoco 44932 1 orinoco_cs
hermes 11264 2 orinoco_cs,orinoco
ds 17920 3 orinoco_cs
yenta_socket 17664 1
pcmcia_core 59136 3 orinoco_cs,ds,yenta_socket
thermal 15760 0
processor 21440 1 thermal
fan 7564 0
button 9240 0
battery 12556 0
ac 8204 0
rtc 15560 0
cloop 15456 1
ohci1394 33920 0
ieee1394 305552 1 ohci1394
usb_storage 67072 0
ohci_hcd 20864 0
uhci_hcd 33416 0
usbcore 94420 6 hid,usb_storage,ohci_hcd,uhci_hcd
megaraid 40904 0
ide_cd 39680 0
ide_scsi 17668 1



knoppix@ttyp0[knoppix]$ kismet
Server options: none
Client options: none
Starting server...
Waiting for server to start before startuing UI...
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Enabling channel hopping.
Enabling channel splitting.
NOTICE: Disabling channel hopping, no enabled sources are able to change channel.
Source 0 (ciscosource): Enabling monitor mode for cisco source interface eth0 channel 6...
FATAL: Unknown interface eth0: Permission denied


I know a LOT of people use Orinoco Cards so there must be a way or I must be doing something wrong, but I haven't really seen any complaints.

Any help would be great!

Thanks
Booty

level
05-11-2004, 07:52 PM
You need to patch your driver to enable monitor mode.

http://airsnort.shmoo.com/orinocoinfo.html

I have the same card and don't have any problems running kismet and airsnort in Knoppix 3.3 (card is patched automatically). Haven't tried Knoppix 3.4.

booty
05-11-2004, 09:35 PM
yes in 3.3 my iwpriv shows monitor mode for et0, and kismet seems to work (at least it loads), but I have never been able to get airsnort to work.

could it be a firmware issue? and has anybody that has 3.4 running have problems with their truemobile card? Is the patch installed?

level
05-11-2004, 11:51 PM
I just tried Knoppix 3.4 and both kismet and airsnort work.

Monitor mode is listed under iwpriv.

Just reconfigure kismet for orinoco and you should be O.K.

booty
05-12-2004, 04:50 AM
but that is the problem on mine it does not show monitor in my iwpriv (as I have shown above).

how/where do I reconfigure kismet and airsnort?

level
05-12-2004, 01:06 PM
I should have been more specific in my last post. When I ran it in Knoppix 3.4 I didn't use the 2.6 kernel. Check the airsnort link I gave you, I'm not sure if there is a patch for the 2.6 kernel, yet.

You need to modify the kismet.conf file. I can't recall what directory it's in, do a file search and it should turn up. In the conf file (near the beginning) there is a list of sources kismet can use. The default is for cisco cards. You would comment that out and uncomment the orinoco card.

booty
05-13-2004, 12:58 AM
ok well my questions were solely based on the 26 kernel, but thanks for the answer. It looks like you are right 2.6 is not patched yet.

but even with the patched 2.4kernel I have NEVER been able to get airsnort to work. Kismet use to work in 3.3, but not in 3.4 but I'm sure it is due to the config file. can that affect airsnort?

NEWBIE question: how do I change the kismet.config since it is burned on the cd (I don't use a hardware install yet)? Do I have to remaster it?

I'm more concerned about airsnort then kismet as I have never been able to make it work!

thanks,
Booty

level
05-13-2004, 02:07 AM
If this works for you then make it into a script and save in your persistent home directory.

sudo rm -rf /etc/kismet/
sudo cp -R /KNOPPIX/etc/kismet /home/knoppix/
sudo ln -s /home/knoppix/kismet /etc/
sudo kedit /etc/kismet/kismet.conf

In Knoppix 3.4, kismet is set up for cisco cards, so as I said in my previous post you'll need to comment that out and uncomment the orinoco. Adjust the interface, eth0, eth1, whatever.

Airsnort should work if kismet does. Make sure you have the right interface and correct source selected from the drop down box.

Kumagoro
05-14-2004, 03:21 PM
are there any cheat codes to change it to orinoco on start up?

also how do you create a script?

Pernic
07-24-2004, 08:30 AM
Hey guys,
I got airosnort in 3.3 to work but its a roundabout way of doing it

1.At bootloader type "knoppix single" ("knoppix 2" should also work)
2.When booted, type "startx", this will start the GUI (as root)
3.When booted, open a terminal and type "kismet", kismet should start and put card into monitor mode.
4.Start airosnort, select orinoco and eth0 (if eth0 is the orinoco card)
5.Click start and as card is already in monitor mode airsnort has no problems.

This works for me, hope it does for you too. :D

lhunt
02-04-2005, 01:52 AM
I am using Knoppix 3.7 and have a Orinoco Gold (FCC ID IMRWLPCE24H) pcmcia card. I can connect to wireless APs etc but cannot get the card to run in monitor mode. If I run:

iwpriv eth0

I don't see "monitor" listed as an available option. Is this a driver issue with Knoppix 3.7 or a firmware issue with the card itself? I have also tried the Knoppix-STD 0.1 dist and have run into the same issue and this dist is supposed to have the patched orinoco drivers. Any ideas? Is there a suggested wifi card to be used with Knoppix 3.7 in monitor mode?

Thanks in advance.

L