PaulDotCom mailing list archives

packet injection on ipw2200bg

From: mailing at (Bert Van Kets)
Date: Wed, 09 Sep 2009 11:49:27 +0200

Does anybody have good resources on researching this issue?
I can't find it in Google or the aircrack site.



Bert Van Kets wrote:
You are correct. I changed the scripts to do the monitoring on the rtap

I can't seem to get the packet injection bit working when no client is
connected though. Any suggestions on this?
What is a normal timing to capture a packet for aireplay attacks type 3,
4 or 5? I find people reporting no problems in getting IV captures
without clients attached and others reporting hours of waiting?
Is there a way to force ARP Packets with only the IPW2200 present? The
explanations I have found don't seem to do anything.


Jason Jones wrote:
One thing I see that appears to be causing part of the issue is that
you are running airodump-ng on eth1 instead of the tap interface
rtap0... Also, not quite sure if you need these steps:
- ifconfig eth1 essid <essid>
- ifconfig eth1 key s:fakekey
- ifconfig eth1 mode managed

I don't recall needing to do them on my intel-based chipset cards in
the past and IIRC putting the main wireless interface back into
managed mode will kill the rtap monitor mode....

I found this page on the aircrack-ng site that gives a much better
explanation than I can:

Hope this helps

On Fri, Sep 4, 2009 at 4:26 PM, Bert Van Kets <mailing at> wrote:

    - ifconfig rtap0 up
    - airodump-ng -c <AP-channel> -w dump --bssid <AP-Mac> --ivs eth1


Pauldotcom mailing list
Pauldotcom at
Main Web Site:
