[Windump] windump
Gianluca Varenni
gianluca.varenni at cacetech.com
Mon Apr 6 15:51:36 PDT 2009
Uhm, have you contacted the authors of ELCOMsoft about the issue?
I suspect that the elcomsoft product is only able to process libpcap/tcpdump files containing wireless packets. What you have captured with windump and the a standard wireless card are "syntetic" ethernet frames.
What happens is that under windows the normal wireless card drivers do not export the original wireless (i.e. 802.11) frames, they export fake ethernet packets (this is imposed by Windows pre-vista).
Have a nice day
GV
----- Original Message -----
From: buercky at sbcglobal.net
To: windump at winpcap.org
Sent: Friday, April 03, 2009 3:05 PM
Subject: [Windump] windump
Ver 3.9.5
I am monitoring a wireless card and I do see the packets flow by as traffic is generated on the screen and I can write it to a file tcpdump.cap
Then if I read the file using the -r option it reads the file ok. Then if I try to open it with ELCOMsoft wireless security auditor and it says it not a valid tcpdump file if I open it with wireshark it opens ok.
------------------------------------------------------------------------------
_______________________________________________
Windump mailing list
Windump at winpcap.org
https://www.winpcap.org/mailman/listinfo/windump
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/windump/attachments/20090406/35ee51a4/attachment.htm
More information about the Windump
mailing list