Airsnort - Critical Exception Error

[Critter]

When i start Airsnort and tell it to start scanning, its crashing the gui and exits to a terminal window. The error i see is a critical exception error. Has anyone seen this problem. This is the first time i have setup airsnort, so i am probably doing something wrong. Maybe someone can help me find my mistake. I have looked everywhere for documentation on setting it up but haven't found it yet. I even wrote the siteop on http://airsnort.shmoo.com but he hasn't replied back to me. So once I get it running, i will write documention to help others out. I will post below what i have already written up in for the future documentation. Please tell me any errors you find or where i goofed up. thanks

System description of what I installed this on:
1) Dell Latitude Laptop Model PP01L with Pentium 4, 512 megs RAM, 10 Gig Harddrive
2) orinoco gold classic 802.11b with v8.10 firmware
3) disabled in the bios the built in wireless card
4) disabled power management due to some weird video problem when the computer would go to sleep


I started off with a clean install of Redhat 9 with pretty much everything installed except the server services. All devices in computer were found by OS. So basically i had no problems with the install. I left the Orinoco wireless card out of the laptop through the entire build to try and eliminate extra drivers from getting loaded. That step didn't do much for me, because as soon as i put the card in, it loaded them anyways. So futher down in this tutorial i end up removing those drivers. Once the build was finished I had to reboot the computer. I noticed the following messages as it came back up.

starting PCMCIA: yenta irg list 06b8, irq 11
starting eth0 (which was my built in network card)
I did not see anything referring to eth1 for my Orinoco Wireless card

Logged into redhat as root and opened a terminal window and changed out of root homefolder to /. Created a directory called downloads. i.e /downloads. Download the following files into the downloads folder:
libpcap current version from http://www.tcpdump.org/daily/libpcap-current.tar.gz
pcmcia-cs-3.2.1 from http://sourceforge.net/projects/pcmcia-cs/
pcmcia-cs-3.2.1-orinoco-patch.diff from http://airsnort.shmoo.com/pcmcia-cs-...oco-patch.diff

I used version 3.2.1 for the reason that many other people were able to get it working using that version and firmware v8.10 on the orinoco cards. I tried other versions with a newer firmware originally but had no luck. I ended up just downgrading the firware and used a known working version of code. You can download the v8.10 firmware from http://www.proxim.com/support/softwa...02/WSU_810.exe

Using the following command I extracted the compressed files into the downloads folder. This command made subfolders with the program name in the downloads folder. :
gunzip < filename.tar.gz | tar xvf -

The next section Italk about how to remove the existing drivers. I searched for the following files to make sure that there were no duplicates.
hermes.0
orinoco_cs.o
orinoco.o

This is the easiest way I know of to find where the files are located. I opened a terminal window and type updatedb to update the file database. Then using the mouse I clicked on the arrow about the red hat icon located in the bottom left hand side of the screen. Located above that is the search for files. I changed the "look in folder" to “/” and then typed in the file name in the section labeled “File is named:”. I found all these files in the following directory.
/lib/modules/2.4.20-8/kernel/drivers/net/wireless
I ended up just moving these files into a folder on my desktop and kept them as backups.



PCMCIA Section
Next I changed back to the downloads directory where I uncompressed the files. I'll start with the pcmcia-cs-3.2.1 directory. Here's the commands I did in order.
cd /downloads
ls
cp pcmcia-cs-3.2.1-orinoco-patch.diff /downloads/pcmcia-cs-3.2.1
The file listed as pcmcia-cs-3.2.1-orinoco-patch.diff is the patch used to apply to the pcmcia-cs-3.2.1 drivers. Notice that the patch is at the same revision drivers. This is important so make sure they match. Change directories into pcmcia-cs-3.2.1. i.e. cd /pcmcia-cs-3.2.1
run the patch in the /downloads/pcmcia-cs-3.2.1 directory by using this command:
patch -p0 < pcmcia-cs-3.2.1-orinoco-patch.diff
this patch will patch the hermes.o, orinoco.o and orinoco_cs.o files.
Run the following commands:
./Configure
verify where you kernel is. The default setting was not where my kernel was. My kernel was actually located at /usr/src/linux-2.4.20-8
all the rest of the prompts, i left the default value
[root@localhost pcmcia-cs-3.2.1]# ./Configure

-------- Linux PCMCIA Configuration Script --------

The default responses for each question are correct for most users.
Consult the PCMCIA-HOWTO for additional info about each option.

Linux kernel source directory [/usr/src/linux-2.4.20-8]:

The kernel source tree is version 2.4.20-8custom.
WARNING: the current kernel is sublevel 2.4.20-8.
The current kernel build date is Thu Mar 13 17:54:28 2003.

Build 'trusting' versions of card utilities (y/n) [n]:
Include 32-bit (CardBus) card support (y/n) [y]:
Include PnP BIOS resource checking (y/n) [n]:
Module install directory [/lib/modules/2.4.20-8]:

Kernel configuration options:
Kernel-tree PCMCIA support is enabled.
Symmetric multiprocessing support is disabled.
PCI BIOS support is enabled.
Power management (APM) support is enabled.
SCSI support is enabled.
IEEE 1394 (FireWire) support is disabled.
Networking support is enabled.
Radio network interface support is enabled.
Token Ring device support is enabled.
Fast switching is disabled.
Frame Diverter is enabled.
Module version checking is enabled.
Kernel debugging support is disabled.
Preemptive kernel patch is disabled.
/proc filesystem support is enabled.

It doesn't look like you are using 'lilo'.
It looks like you have a System V init file setup.

X Window System include files found.
Forms library not installed.
If you wish to build the 'cardinfo' control panel, you need the Forms library and the X Window System include files. See the HOWTO for details.

Configuration successful.

Your kernel is configured with PCMCIA driver support. Therefore,'make all' will compile the PCMCIA utilities but not the drivers.

[root@localhost pcmcia-cs-3.2.1]#
make all
make install
now change to the wireless directory (/downloads/pcmcia-cs-3.2.1/wireless) from the current directory that your in.
cd wireless
run these commands in that directory
make
make install
notice the directory where the make install copied the files to. It copied them to /lib/modules/2.4.20-8/pcmcia. This is where i originally had problems. I could not get the wireless network card to be recognized. I ended up manually moving these files to
/lib/modules/2.4.20-8/kernel/drivers/net/wireless
This was the directory where the original orinoco drivers were located before I moved them. I rebooted at this point and watched the startup messages. I did not see any change in the starting pcmcia. It still said “yenta”. Also Ionly saw eth0 (which was my built in NIC) and loopback. I didn't see anything referring to eth1 (orinoco card).
When Redhat came back up, I checked the network settings that were located off the system settings menu. It did not list any other cards besides for my internal eth0 NIC. This was kind of confusing. I kind of figured it would appear in here at this point. Here is a way to test that you have the new patched drivers and not the default ones.

iwpriv – look for the eth0, eth1 or whatever that references you wireless card. You should see something like the following:
[root@localhost root]# iwpriv
lo no private ioctls.

eth0 no private ioctls.

eth1 Available private ioctl :
force_reset (8BE0) : set 0 & get 0
card_reset (8BE1) : set 0 & get 0
set_port3 (8BE2) : set 1 int & get 0
get_port3 (8BE3) : set 0 & get 1 int
set_preamble (8BE4) : set 1 int & get 0
get_preamble (8BE5) : set 0 & get 1 int
set_ibssport (8BE6) : set 1 int & get 0
get_ibssport (8BE7) : set 0 & get 1 int
monitor (8BE8) : set 2 int & get 0 <-----------------

[root@localhost root]#
notice the monitor line listed above. That will only apear if you have the patched drivers loaded. To put the wireless card into a monitor state do this command:
iwpriv eth0 monitor <m> <c>
m - one of the following
0 - disable monitor mode
1 - enable monitor mode with Prism2 header info prepended
to packet (ARPHRD_IEEE80211_PRISM)
2 - enable monitor mode with no Prism2 info (ARPHRD_IEEE80211)
c - channel to monitor

The command I ran was iwpriv eth1 monitor 2 6. If this command does not work and says that it doesn't recognize monitor, then you still have the old drivers and not the patched one. There is one more command you need to do to get the wireless card set. you must change the mac address to 01:02:03:04:05:06. you can run the following command. just make sure the eth* part is referencing the right network adaptor.

ifconfig eth1 hw ether 01:02:03:04:05:06

libpcap installation. Do these commands as follows, as long as you've extracted them earlier in this document.
cd /downloads/libpcap-2003.10.31
./configure
make install

Airsnort Installation:
cd /downloads/airsnort-0.2.2
./autogen.sh
make
to run airsnort change to directory /usr/local/bin/ and do ./airsnort
Once the program open, click the button next to the channel you set your card to listen on.
** I got my error at this point**

Critter
http://www.chrisstokes.com