Well switch to Linux
http://wiki.wireshark.org/CaptureSetup/WLAN#head-bb8373ef4903fe9da2b8375331726541fb1ad32d
<snip>
Cards with Atheros Communications chipsets
See the Atheros customer products page to find products that use Atheros
chipsets.
You can capture raw 802.11 packets with AR5K cards on Linux systems with
the v5_ar5k or madwifi drivers. For the v5ar5k driver you will need the Linux
wireless-tools version 25 or higher to put the card into monitor mode. If
you're using the madwifi driver, you can put the card into monitor mode using
iwconfig interface mode monitor, followed by iwconfig interface channel channel
to select a channel (if needed). THis works only on the old version of the
madwifi driver. If you are using the new version, also known as madwifi-ng,
you must create a monitor vap with the command wlanconfig ath create wlandev
wifiX wlanmode mon. For further information read the madwifi documentation,
included with versions 0.9.0 and up.
<snip>
or
buy an AirPcap adapter*.
http://www.cacetech.com/products/airpcap.html
http://www.winpcap.org/misc/faq.htm#Q-16
<snip>
For real wireless capture, CACE Technologies offers the AirPcap adapter,
specifically designed to sniff 802.11 traffic, including control frames,
management frames and power information. AirPcap at this time is the only
solution for capturing raw 802.11 traffic with WinPcap. More details can
be found on the AirPcap product page.
<snip>
*Last year I got one for free, when I visited Sharkfest:
http://www.cacetech.com/sharkfest.09/
The next Sharkfest is in June:
http://www.cacetech.com/sharkfest.10/
Best regards
Joan
Post by r***@aol.comYes - it's wireless traffic I am looking at. Atheros AR9285 is the wireless
adapater, but still no luck. I did check out those two links, but they
didn't
Post by r***@aol.comoffer any solutions yet. Like David Trout mentioned, the micro-logix links
do not work, so I couldn't look at either of those.
-----Original Message-----
Sent: Sun, Feb 21, 2010 4:35 am
Subject: Re: [Winpcap-users] NPF Interface Problem - Atheros Promiscuous
Mode
Hi,
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
64-bit Windows Server 2008 R2
wireshark: Version 1.3.3-SVN-31855
WinPcap version 4.1.1
C:\Windows\system32\DRIVERS\L1E62x64.sys
Driver Date: 11-06-2009
Driver Version: 1.0.0.15
Are you trying to capture wireless traffic in promiscuous mode?
http://www.winpcap.org/misc/faq.htm#Q-16
http://wiki.wireshark.org/CaptureSetup/WLAN#head-02456742c655394c9e948a4c9a59d3441c92782f
Best regards
Joan
Post by r***@aol.comI recently installed Win 7 on a new laptop and am having trouble running
Wireshark in promiscuous mode using WinPCap. The NIC is Atheros AR9285
which
Post by r***@aol.comI thought was supported. Originally I was using the default Microsoft
drivers
Post by r***@aol.comPost by r***@aol.comfor the card after installing windows 7. I installed Wireshark / WinPCap
but could not capture in promiscuous mode. I then installed the Atheros
drivers, uninstalled and reinstalled Wireshark / WinPCap but still no luck.
Now when I start Wireshark in promiscuous mode to capture, it says "The
capture session could not be initialed. Failed to set device to promiscuous
mode. Please check that the device /device/npf_{...} is the proper interface".
Does anyone know what the problem might be? does it have to do with the
fact I had installed wireshark / winpcap before installing the Atheros
drivers?
Post by r***@aol.comPost by r***@aol.comIs the Atheros AR9285 not supported in WinPCap 4.1.1? Any ideas would
be
Post by r***@aol.comgreatly appreciated. I've tried uninstalling / reinstalling winpcap and
wireshark. I've restarted computer several times. Tried running 'net
stop
Post by r***@aol.comPost by r***@aol.comnpf' 'net start npf' as administrator, etc. but no luck yet.