Re: IPSec troubles

2004-04-02 Thread Richard Bejtlich
Hello, This thread has been very helpful. I'm using FreeBSD 5.2.1 REL with kernels recompiled to support IPSEC. I've found the "trick" to exclude port 500 UDP packets allows ISAKMP traffic to be exchanged, e.g.: spdadd 192.168.20.1[500] 192.168.21.1[500] udp -P out none; spdadd 192.168.21.1[500]

Re: Question on IEEE802_11_RADIO

2004-02-28 Thread Richard Bejtlich
--- Bruce M Simpson <[EMAIL PROTECTED]> wrote:
> Don't use monitor mode; it's a misnomer. Try without using monitor
> mode and you should see radiotap headers.
>
> BMS

Hi Bruce, Without monitor mode I get worse results for IEEE802_11, but IEEE802_11_RADIO gives the same results. orr:/root#

Question on IEEE802_11_RADIO

2004-02-27 Thread Richard Bejtlich
Hello, From what I've read elsewhere on the lists, I'm not seeing what I should using the new IEEE802_11_RADIO link type. Tcpdump is compiled --WITH_RADIOTAP: -- orr:/root# uname -a FreeBSD orr.taosecurity.com 5.2-SECURITY FreeBSD 5.2-SECURITY #0: Thu Feb 5 10:24:52 GMT 2004 [EMAIL PROTECT

Paper on device polling and packet capture performance

2004-01-09 Thread Richard Bejtlich
ce polling is enabled. I wrote a short and probably naive synopsis for my Blog: http://taosecurity.blogspot.com/2004_01_01_taosecurity_archive.html#107358025105922521 Does anyone care to comment on the paper? (I asked Luca and he agreed to this post.) Thank you, Richard Bej

Tcpreplay on single system?

2004-01-03 Thread Richard Bejtlich
Hello, I've been trying to find the best way to replay traffic with tcpreplay and have various tools on the same system listen for that traffic. In other words, I'd like a single box traffic replay and analysis system. This is the way I have tools that can't read libpcap files process libpcap da