Using tcpdump to filter beacons

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Using tcpdump to filter beacons

Hi all,

I'm using tcpdump to filter beacons. Here are the settings:
Ubuntu 10.04,
Atheros AR5001X+ wireless card,

I set the wireless interface (ath0) to work in monitor mode, and on the same channel as the access point(channel 6): 
sudo iwconfig ath0 channel 6. (Also tried frequency: sudo iwconfig ath0 freq 2.437G)

Then when I use the following command to capture beacons:
sudo tcpdump -i ath0 -ne link[25]=0x80
it takes much longer time than expected. The access point is broadcasting beacons in default rate 100ms, but it takes almost 20 minutes to collect 200 beacons.

Any idea what's going on here?


Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
Madwifi-users mailing list
[hidden email]