LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-12-2016, 09:57 AM   #1
danmartinj
Member
 
Registered: Oct 2009
Posts: 117

Rep: Reputation: 1
Help Configuring USB WiFi Dongles For Monitoring Airway


Hello,

I am trying to build a Linux Based WiFi Monitoring System using aircrack-ng. My main goal is to capture BSSID and STATION associations otherwise my system will not work because it only reports based on client-AP connections by design. It is worth noting I have been testing on Lenovo ThinkPad X1 Carbon labtop, Custom Linux appliance and RasberryPie. My main USB dongles I have been using for testing are the TP-Link TL-WN722N and the AWUS036NEH. Both have fairly good reviews online and the TP-Link card comes with an Atheros AR2971 chipset and uses the ath9k_htc driver as the main card I have been trying to get to work.

Anyhow, the problem I have been noticing is for certain WiFi devices I have been trying to monitor for whatever reason my USB dongles do not pickup the association between client and AP. When using the internal cards on the Labtop and Linux appliance I do pickup the association. The reason why this is such a problem is because my end goal is to put my system on the RasberryPie and put it outside but my internal card on the Pie does not support monitor mode so in that case I HAVE to get these USB dongles configured so it can pickup these associations. Airodump-ng does not pick up any #DATA packets so that is one reason I believe the associations are not being found.

My hope is this problem is a driver issue or an issue that can be adjusted using Linux software. Maybe this is a power issue or sensitivity issue related to the USB dongles. Currently I am looking into advanced ways to configure these dongles but I am really hoping someone out there might have some good advice or suggestions because at this point I am loosing confidence I can get it working.

Thanks in advance,
Joe
 
Old 07-13-2016, 05:54 AM   #2
jnihil
Member
 
Registered: Dec 2012
Location: inside the matrix
Distribution: Debian, Xubuntu, Gentoo, Antergos
Posts: 90

Rep: Reputation: 27
Is the monitor/capture using the TP-Link only dropping assoc frames?
or it is also dropping other control frames (probes, beacons, auth, etc)?
 
Old 07-13-2016, 04:43 PM   #3
danmartinj
Member
 
Registered: Oct 2009
Posts: 117

Original Poster
Rep: Reputation: 1
Hi Jnihil,

I am seeing Beacons but I do not see any packets under the #Data column of airodump. Do you by chance have any ideas?

Thanks,
Joe
 
Old 07-13-2016, 09:37 PM   #4
jnihil
Member
 
Registered: Dec 2012
Location: inside the matrix
Distribution: Debian, Xubuntu, Gentoo, Antergos
Posts: 90

Rep: Reputation: 27
Ah, this makes sense now.
airodump hops between various channels at configurable intervals.
Since you can only minitor/capture packets on the radio channel you currently occupy,
it would be normal not to capture every packet on every radio channel.
 
Old 07-14-2016, 09:14 AM   #5
danmartinj
Member
 
Registered: Oct 2009
Posts: 117

Original Poster
Rep: Reputation: 1
Jnihil,

So my internal WiFi cards on my labtop and network appliance have no problem capturing the Data packets. It has only been when I use my USB WiFi dongles and the ones I have been testing with are actually recommended devices among the community however they do have some age on them. My internal WiFi chipsets do appear to be a bit newer and I kind of wonder if that could be a problem. I just went to Walmart and bought another USB newer dongle to play with and I am trying to get the driver to work at this point.

Just to be clear these USB devices capture Data packets on the majority of my WiFi devices I associate to my AP but there is certain devices that looks like is on the 2.4GHz WiFi spectrum that for some reason these USB dongles cannot capture when my internal cards do so any ideas how i can get this to work would be greatly appreciated or any other comments or advice you have.

Joe
 
Old 07-14-2016, 01:07 PM   #6
jnihil
Member
 
Registered: Dec 2012
Location: inside the matrix
Distribution: Debian, Xubuntu, Gentoo, Antergos
Posts: 90

Rep: Reputation: 27
If you still suggest that your TP-Link does not capture certain 802.11 frames (assoc & data),
why not try and see if that's for certain by captureing traffic using iw and tcpdump/tshark?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring netis wf2123 usb wifi adapter in CentOS7 jawedfaizyar Linux - Newbie 0 07-27-2015 06:45 AM
USB-to-Ethernet and Wifi USB dongles losing packets jgreg Linux - Networking 0 05-24-2010 04:01 AM
Advice Please - USB 2 To NAS (RJ45) Dongles TheGreatGonzo Linux - Networking 2 11-04-2009 02:12 AM
LAN through USB dongles on different OS desktops alokm Linux - Networking 13 03-01-2008 07:27 AM
Good wifi dongles that are plug and play with ubuntu, any reccomendations? lopagof Linux - Hardware 3 05-01-2007 02:37 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration