#### This document was provided by orey Donohoe<atmos@atmos.org> ####
#### Thanks a lot for submitting that documentation			  ####

Sniffing 802.11b on an apple ibook2 with Debian/GNU Linux PPC

I built/used all of this running Debian stable. September 17th 2002.  I used
kernel version 2.4.19 from ftp.kernel.org/pub/linux/kernel/v2.4/  My first
attempts at this failed due to firmware issues, so I've rewritten my how-to
with a new patch to the orinoco drivers that makes the firmware issue
non-existent.

A. Get Wellenreiter 
    I.  Download Wellenreiter(http://www.remote-exploit.org/)
    II.  Read the files
	a. docs/FAQ
	b. docs/INSTALL.LINUX
	c. docs/README.LINUX.LUCENTorHERMES
    III.  Reread them.

B. Get the debs you need.
    I.  sudo apt-get install wireless-tools libgtk-perl tcpdump libpcap-dev
    libpcap0 libnet-pcap-perl bison ethereal
    II.  Nuke your libpcap libraries debian just installed for you
	sudo rm -rf /usr/lib/libpcap.so*
    III.  Everything currenly linked off of libpcap will break, but only for
    a few minutes. 

C. Get current libpcap/tcpdump installed
    I.  Get the dailies for both from
	a. http://www.libpcap.org/daily/libpcap-current.tar.gz
	b. http://www.tcpdump.org/daily/tcpdump-current.tar.gz
    II.  untar libpcap, cd into the directory
	a. ./configure --prefix=/usr; make; sudo make install
    III.  libpcap doesn't seem to make shared libraries by default.  
	a. So create your own since all the modules are built
	libtool --mode=link gcc -shared *.o -o libpcap.so -version-info 0:6:2
	b. Manually install our new shared library.
	sudo cp libpcap.so /usr/lib/
	cd /usr/lib
	sudo ln -s libpcap.so libpcap.so.0
	sudo ln -s libpcap.so libpcap.so.0.6.2
	sudo ldconfig
    IV. untar tcpdump, cd into the directory
	a. ./configure --prefix=/usr; make; sudo make install
	b. test tcpdump to see what kinda output it's giving you 
	    tcpdump --help 
	c. Should yield something to the effect of
	tcpdump version current-cvs.tcpdump.org.2002.07.30
	libpcap version current-cvs.libpcap.org.2002.07.30

D. Patching your kernel.
    I. Grab ftp://ftp.kernel.org/pub/linux/kernel/v2.4/linux-2.4.19.tar.gz
    II. Untar it to /usr/src/
    III.  Download the orinoco patches.  
    http://64.192.107.53/files/orinoco-2.4.19-airport.diff
    IV. (cd /usr/src/linux-2.4.19/net/drivers/wireless; \
	patch -p0 < /path/to/orinoco-2.4.19-airport.diff)
    V. Rebuild your kernel, install it, reboot(don't forget ybin!).
    VI. test your driver when you reboot issue the command
	iwpriv ethX monitor 2 11
	a. If it doesn't complain, continue on.  Otherwise, start the kernel
	    patching process again =(		

E. Setting up Wellenreiter
    I.  In the main Wellenreiter directory run
    sudo perl config.pl
    II. Choose your wireless card type
	lucent
    III. Set your wireless interface name.  Mine is eth1
	eth1
    IV. Do u got a RAW-capture rfmon compatible card?(That question cracked me
    up the first time I configured Wellenreiter)  Basically it wants to know if
    you can sniff.  So you answer y.
    y
    V. Which is the highest available channel in your country for wireless
    network?  If you're in the US give it 11, otherwise it'll act funky.
    11
    VI. For some reason it asks a second time for your wireless interface and
    type.  I gave it lucent and eth1 again.
    VII.  You can turn on acoustics at your discretion.  

F. Running Wellenreiter
    I.  Run it from the directory you originally unntarred.
    sudo perl Wellenreiter.pl
    II. Click on scanner, a new window will pop up.
    III.  Click start and see what happens. Networks pop up for me.  =)

version 0.1 - August 9th, 2002 - Corey Donohoe<atmos@atmos.org> MEM-B11
version 0.2 - September 17th, 2002 - Corey Donohoe<atmos@atmos.org> DunnHall