I am using Alfa AWUS036H usb Wifi device with Arch Linux (kernel 4.3.3) to capture wifi traffic. I have setup an open access point which should be easy to sniff. I tried for many days but couldn't catch any tcp data. There were numerous protocols like 802.11 broadcasts, NBNS, UDP, ICMPv6, ARP, SSDP, LLMNR etc but no tcp.
Then I booted a live kali cd and repeated the same procedure exactly. This time everything worked fine and there was plentiful tcp traffic.
My question is: While both Arch and Kali systems are using the same driver (rt2800usb), why can't I capture tcp on Arch?
Just tested everything once again. Both Kali and Arch are using version 2.3.0 of rt2800usb driver. I put the device in monitor mode using 'airmon-ng start wlan0'. Then start capturing data using 'airodump-ng wlan0mon' so I start seeing info about nearby access points. At this stage I start data capture on Wireshark. Here onwards, Kali gives loads of tcp data but Arch doesn't capture a single tcp packet.
asked 10 Jan '16, 10:30
edited 10 Jan '16, 14:48
if you really (really) repeated the EXACT same procedure on both systems, the only logical answer would be: The driver version in Arch Linux and Kali is different and that's the reason why it fails on Arch and works on Kali.
answered 10 Jan '16, 13:08
Kurt Knochner ♦