Sophie: Wellenreiter-1.6-2mdk noarch

Wellenreiter-1.6-2mdk.noarch.rpm

**************************************************************
* Wellenreiter - advanced 802.11b audit tool - Wellenreiter  *
**************************************************************
*        Homepage: http://www.remote-exploit.org             *
*        IRC: #wellenreiter @  openprojects.net              *
*                                                            *
**************************************************************
*       -[ Instructions for Hermes based cards ]-            *
**************************************************************

The Lucent/Hermes based cards are very widespread in the market, too,
but are more expensive than Prism2 based cards.  These cards don't
produce "crap packets" like the Prism2, so i believe Cisco and Lucent
cards are well worth the money.  You have to patch your driver for
this card, otherwise rfmon mode will not support PF_PACKET mode.

****************************************
*  Patching your Lucent/Hermes driver  *
****************************************

	1. Get the PF_PACKET patch from:

		http://airsnort.shmoo.com/orinocoinfo.html

		It's important to get the newest!

	2. Install the patched driver.
	
	3. Verify that your libpcap and tcpdump versions are compatible
	   with 802.11b packets.  Normally I prefer to download the
	   current versions from http://www.tcpdump.org
	   See Wellenreiter FAQ: 'What this message mean: "Warning: arptype
				   801 not supported by libpcap -
				   falling back to cooked socket"'.

	4. Get the Net::Pcap perl module from http://www.cpan.org.
	   See Wellenreiter FAQ: "Whats the error: Can't locate
				   Net/Pcap.pm in @INC".
	
	5. Test your driver, etc.
	   See Wellenreiter FAQ  "General test procedure for rfmon mode".

	6. We're told that some Lucent user had strange problems, and
	   when downgrading the firware, all works.  Please give us the
	   kernel, /pcmcia, /firmware and patch level of your combinations.

*******************************************
* How to put it into rfmon mode manually: *
*******************************************

When you are sure that you have the correct drivers installed you can
enter the following command as root:

	iwpriv eth1 monitor 2 11

You may need to replace eth1 with your corresponding interface name,
and 11 is the channel you want to sniff, change it as you desire.
Verify rfmon mode using ifconfig -a. If your monitoring mode is ok you
should see something like this:

	'Link encap:UNSPEC  HWaddr 00-03-4D-A7-55-F2-00-00-00-00-00-00-00-00-00-00'

If you see something more like this:

	'Link encap:Ethernet  HWaddr 00:04:43:A7:0C:F4'

your card is not in rfmon mode (recheck your driver and patch
installation).

**************************************************************
* If you have further questions, please contact the team at  *
*        Homepage: http://www.remote-exploit.org             *
*        IRC: #wellenreiter @  openprojects.net              *
**************************************************************