Arch Linux

dp

Member

From: Zürich, Switzerland

Registered: 2003-05-27

Posts: 3,378

Website

wireless -- how to find a public accesspoint

i have a wireless mini_pci builtin in my laptop and configured the modules (orinoco_pci) fine; with iwconfig i can find out that it works fine --- i also tried successfully to have a laptop to laptop connection configured with iwconfig commands

now to larger things:

i want to try out connecting to a public accesspoint ... the funny thing is: people using this way to connect to internet told me i can go to control panel in my windows and search for the accesspoint  --- the thing is: i have no windows running on this laptop; only archlinux :-) .. but want to search for it in the same way

=> how do you search for available accesspoints on archlinux?

---

The impossible missions are the only ones which succeed.

Xentac

Forum Fellow

From: Victoria, BC

Registered: 2003-01-17

Posts: 1,797

Website

Re: wireless -- how to find a public accesspoint

pacman -S kismet

It's a wireless access sniffer.  If you have any problems with it, I'm the maintainer.  I don't expect you will... it works fine for me.

---

I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal

dp

Member

From: Zürich, Switzerland

Registered: 2003-05-27

Posts: 3,378

Website

Re: wireless -- how to find a public accesspoint

thanx for the info, but ... hmm.. seems it do not work:

[root@Asteraceae /]# modprobe orinoco_pci
[root@Asteraceae /]# iwconfig 
lo        no wireless extensions.

sit0      no wireless extensions.

eth0      no wireless extensions.

Warning: Driver for device eth1 has been compiled with version 16
of Wireless Extension, while this program is using version 15.
Some things may be broken...

eth1      IEEE 802.11-DS  ESSID:""  Nickname:"Prism  I"
          Mode:Managed  Access Point: 00:00:00:00:00:00  Bit Rate:11Mb/s   
          Tx-Power=15 dBm   Sensitivity:1/0  
          Retry min limit:8   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0/0  Signal level:-68 dBm  Noise level:-122 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

[root@Asteraceae /]# kismet
Server options:  none
Client options:  none
Starting server...
Will drop privs to damir (1000)
No enable sources specified, all sources will be enabled.
Source 0 (orinocosource): Using pcap to capture packets from eth1
Source 0 (orinocosource):  Attempting to enter monitor mode.
Waiting for server to finish starting before startuing UI...
Enabling monitor mode for an orinoco card on eth1 channel 6
Invalid command : monitor
Source orinocosource: Created child capture process 3085
Dropped privs to damir (1000)
Enabling channel hopping.
Disabling channel splitting.
Allowing clients to fetch WEP keys.
Logging networks to Kismet-Jan-25-2004-1.network
Logging networks in CSV format to Kismet-Jan-25-2004-1.csv
Logging networks in XML format to Kismet-Jan-25-2004-1.xml
Logging cryptographically weak packets to Kismet-Jan-25-2004-1.weak
Logging cisco product information to Kismet-Jan-25-2004-1.cisco
Logging gps coordinates to Kismet-Jan-25-2004-1.gps
Logging data to Kismet-Jan-25-2004-1.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Reading AP manufacturer data and defaults from /etc/ap_manuf
Reading client manufacturer data and defaults from /etc/client_manuf
FATAL: Dump file error: Unable to open dump file Kismet-Jan-25-2004-1.dump (Permission denied)
FATAL:  capture child 3085 packet buffer empty and flagged as diseased, exiting
Starting UI...
FATAL:  Could not connect to localhost:2501.
Client exited, terminating...
Done.  Run kismet_unmonitor or eject and re-insert your card (or restart your
 pcmcia services) to return your card to normal operation.
[root@Asteraceae /]# 

---

The impossible missions are the only ones which succeed.

Xentac

Forum Fellow

From: Victoria, BC

Registered: 2003-01-17

Posts: 1,797

Website

Re: wireless -- how to find a public accesspoint

There is two parts to kismet... well... actually, three.  kismet_monitor, kismet_server, and kismet_client.  Run kismet_monitor -H as root first.  Then kismet as root.  It should work then.

---

I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal

dp

Member

From: Zürich, Switzerland

Registered: 2003-05-27

Posts: 3,378

Website

Re: wireless -- how to find a public accesspoint

ok, i tried ... but now i'm at home and probably there is no public accesspoint around --- but the feedback i got from kismet is not so clear:

[root@Asteraceae damir]# kismet_monitor -H
kismet_monitor - kismet helper script called by kismet directly.
kismet_monitor DEVICE TYPE
[root@Asteraceae damir]# kismet_monitor -H eth1
[root@Asteraceae damir]# kismet
Server options:  none
Client options:  none
Starting server...
Will drop privs to damir (1000)
No enable sources specified, all sources will be enabled.
Source 0 (orinocosource): Using pcap to capture packets from eth1
Source 0 (orinocosource):  Attempting to enter monitor mode.
Waiting for server to finish starting before startuing UI...
Enabling monitor mode for an orinoco card on eth1 channel 6
Invalid command : monitor
Source orinocosource: Created child capture process 3431
Dropped privs to damir (1000)
Enabling channel hopping.
Disabling channel splitting.
Allowing clients to fetch WEP keys.
Logging networks to Kismet-Jan-25-2004-1.network
Logging networks in CSV format to Kismet-Jan-25-2004-1.csv
Logging networks in XML format to Kismet-Jan-25-2004-1.xml
Logging cryptographically weak packets to Kismet-Jan-25-2004-1.weak
Logging cisco product information to Kismet-Jan-25-2004-1.cisco
Logging gps coordinates to Kismet-Jan-25-2004-1.gps
Logging data to Kismet-Jan-25-2004-1.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Reading AP manufacturer data and defaults from /etc/ap_manuf
Reading client manufacturer data and defaults from /etc/client_manuf
Dump file format: wiretap (local code) dump
Crypt file format: airsnort (weak packet) dump
Kismet 3.0.1 (Kismet)
Logging data networks CSV XML weak cisco gps
GPSD cannot connect: Connection refused
Listening on port 2501.
Allowing connections from 127.0.0.1/255.255.255.255
FATAL:  capture child 3431 packet buffer empty and flagged as diseased, exiting
Registering builtin client/server protocols...
Registering requested alerts...
Registering builtin timer events...
Enabling packet source 0 (orinocosource)...
Gathering packets...
Shutting down source 0 (orinocosource)...
Didn't detect any networks, unlinking network list.
Didn't detect any networks, unlinking CSV network list.
Didn't detect any networks, unlinking XML network list.
Didn't detect any Cisco Discovery Packets, unlinking cisco dump
Didn't capture any packets, unlinking dump file
Didn't see any weak encryption packets, unlinking weak file
Waiting for capture child 3431 to terminate...
Kismet exiting.
Starting UI...
FATAL:  Could not connect to localhost:2501.
Client exited, terminating...
Done.  Run kismet_unmonitor or eject and re-insert your card (or restart your
 pcmcia services) to return your card to normal operation.
[root@Asteraceae damir]#

especially lines

GPSD cannot connect: Connection refused

FATAL:  capture child 3431 packet buffer empty and flagged as diseased, exiting

FATAL:  FATAL:  Could not connect to localhost:2501.

are not so "positive" feedback from kismet i think  ... is this normal?

after this run i can see in iwconfig something changed:

eth1      IEEE 802.11-DS  ESSID:""  Nickname:"Prism  I"
          Mode:Managed  Access Point: 44:44:44:44:44:44  Bit Rate:2Mb/s
          Tx-Power=15 dBm   Sensitivity:1/0
          Retry min limit:8   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0/0  Signal level:-68 dBm  Noise level:-122 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

of course eth1 is deat (no connection to nowhere) :-(

but thanx a lot for your help and the try --- maybe it's because i use kernel 2.6.1? (but p2p works on 2.6.1 fine)

---

The impossible missions are the only ones which succeed.

andy

Member

From: Germany

Registered: 2002-10-11

Posts: 374

Re: wireless -- how to find a public accesspoint

Actually ... a VERY simple scanning can be done by regularly reading out

cat /proc/net/wireless

or by issuing

iwlist ap eth1

Especially the last command will list all AP's that it can find. Kismet is probably more sophiscticated - and I'm not sure how well iwlist reports "protected" AP's - and by "protected" I mean the various possible protection methods in general.

Xentac

Forum Fellow

From: Victoria, BC

Registered: 2003-01-17

Posts: 1,797

Website

Re: wireless -- how to find a public accesspoint

Running kismet will disassociate you from any APs, because it makes your card scan.

You're going to have to look at the configs for kismet to make sure you have it configure right.  My guess is that it's trying to scan with eth0 instead of eth1.

Oh wait, no... it's trying eth1.

You can diasable the gps stuff, that should stop that GPSD error.

The FATAL diseased error is the one you really have to look at.  That's your actual problem.

I also suggest you read the kismet docs, it will make much more sense than I can.

---

I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal

dp

Member

From: Zürich, Switzerland

Registered: 2003-05-27

Posts: 3,378

Website

Re: wireless -- how to find a public accesspoint

@Xentac
i will have a look at kismet-docs ... never had something "FATAL" on arch :-)

@Andy

[damir@Asteraceae /]$ iwlist eth1 ap
eth1      Interface doesn't have a list of Peers/Access-Points

[damir@Asteraceae /]$ cat /proc/net/wireless 
Inter-| sta-|   Quality        |   Discarded packets               | Missed | WE
 face | tus | link level noise |  nwid  crypt   frag  retry   misc | beacon | 16
  eth1: 0000    0.  188.  134.       0      0      0      0      0        0
[damir@Asteraceae /]$ iwlist eth1 scanning
eth1      Failed to read scan data : Operation not supported
[damir@Asteraceae /]$ iwlist eth1 frequency
Warning: Driver for device eth1 has been compiled with version 16
of Wireless Extension, while this program is using version 15.
Some things may be broken...

eth1      0 channels
          Current Frequency:2.432GHz

[damir@Asteraceae /]$ 

maybe it's the last thing (warning) FATAL-ing also kismet --- i suppose that kernel 2.6.1 (where the module for my device comes from) is compiled with version 16 of these "wireless extensions" and the iwXXX-stuff is compiled with the older ones (any chance to upgrade the packages with wireless stuff? any similar things with 2.6.1-kernel-modules with wireless devices from anyone? any successfull wireless-ap-connection with arch(current)+kernel.VERSION=2.6.1?)

thanx you 2 and thanx in advance for helping

---

The impossible missions are the only ones which succeed.

andy

Member

From: Germany

Registered: 2002-10-11

Posts: 374

Re: wireless -- how to find a public accesspoint

I remember reading another post about mismatch of wireless extension versions.

The information you posted essentially means your wireless card hasn't seen a whole lot of packets/AP's - well, none, so far ;-) ...

I have to admit, my notebook I have a wireless card in, I currently boot int an ancient Mandrake to get wireless - but only sice it is a 586, and I first need to recompile a whole lot of things which are not in the experimental i586 version of AL - including the kernel - and since it is so slow, I didn't feel like doing it yet ... ;-)