On 2009-11-11, Tom Smith <[email protected]> wrote: > On Wed, Nov 11, 2009 at 3:35 PM, Nick Guenther <[email protected]> wrote: > > >> Well if you were using monitor mode on some other card I would say >> it's because as a 'security measure' the firmware is blocking it, but >> it's a Ralink and they're the open ones so hmm. Sorry, I think I'm >> spent. > > > I figured it out. The commands I posted *do* capture the 802.11 traffic > that I'm looking for. I just did not realize that until I loaded the output > from tcpdump into a better analyzer. While tcpdump does a fine job capturing > packets, it's not the best analysis tool.
For many things, it is. For one, it actually runs the dissectors in a jail, so it's reasonably safe to use on untrusted traffic. What in particular are you missing from the 802.11 dissector?
