Our newbie asked:
I need to develop a wireless application which can retrieve all the raw
data packets going through the wireless adapter. I need some solution
apart from writing a miniport driver or NDIS intermediate protocol.
What are the techniques I can adopt? I heard about the Rawether for
Windows the Win32 NDIS API and WinPcap packet filtering library for
windows.
Can we use any one of these?
Please give me advice?
Regards,
VIMAL RAJ.S
Software Engineer
Cranes Softwares
It is Pity the Newbie Week at Hollis Technology Solutions
This must be an end of the month special . I thought that PNW was last
week Mark? 
Gary G. Little
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Roddy, Mark
Sent: Monday, June 26, 2006 11:10 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] On behalf of a newbie (wireless application)
Our newbie asked:
I need to develop a wireless application which can retrieve all the raw
data packets going through the wireless adapter. I need some solution
apart from writing a miniport driver or NDIS intermediate protocol.
What are the techniques I can adopt? I heard about the Rawether for
Windows the Win32 NDIS API and WinPcap packet filtering library for
windows.
Can we use any one of these?
Please give me advice?
Regards,
VIMAL RAJ.S
Software Engineer
Cranes Softwares
It is Pity the Newbie Week at Hollis Technology Solutions
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Rawether, WinPcap and other packet collection mechanisms based on NDIS protocol drivers can monitor (observe - but not block or modify) raw 802.3 packets sent and received on an 802.11 miniport.
No NDIS protocol-based packet collection mechanism can monitor native wi-fi 802.11 packets. You must “marry” a specific 802.11 adapter that you can legally obtain proprietary API’s for and write your own driver to see Native Wi-Fi packets on Windows.
This limitation may be removed with Windows Vista Native Wi-Fi support.
Good luck,
Thomas F. Divine, Windows DDK MVP
http://www.rawether.net
“Roddy, Mark” wrote in message news:xxxxx@ntdev…
Our newbie asked:
I need to develop a wireless application which can retrieve all the raw data packets going through the wireless adapter. I need some solution apart from writing a miniport driver or NDIS intermediate protocol.
What are the techniques I can adopt? I heard about the Rawether for Windows the Win32 NDIS API and WinPcap packet filtering library for windows.
Can we use any one of these?
Please give me advice?
Regards,
VIMAL RAJ.S
Software Engineer
Cranes Softwares
It is Pity the Newbie Week at Hollis Technology Solutions
Respected sir,
I need to develop a wireless sniffer and for this I need to write
a miniport driver to read packet. since NDIS 802.11 driver emulates 802.3
devices and replaces 802.11 headers with 802.3 headers I am in confusion.
Please tell me whether the driver can use the NDIS specific
functions such as NdisRawReadPortXxxor I don’t know internally where
802.11 to 802.3 conversion is taking place? (From my knowledge I thought
intermediate driver is doing the media translation).
My doubt is whether the use of Ndis read functions will corrupt our raw
data. I need to read raw 802.11 data.
Please give me advice …
Regards,
vimal
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Thomas F. Divine
Sent: Tuesday, June 27, 2006 12:52 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] On behalf of a newbie (wireless application)
Rawether, WinPcap and other packet collection mechanisms based on NDIS
protocol drivers can monitor (observe - but not block or modify) raw 802.3
packets sent and received on an 802.11 miniport.
No NDIS protocol-based packet collection mechanism can monitor native wi-fi
802.11 packets. You must “marry” a specific 802.11 adapter that you can
legally obtain proprietary API’s for and write your own driver to see Native
Wi-Fi packets on Windows.
This limitation may be removed with Windows Vista Native Wi-Fi support.
Good luck,
Thomas F. Divine, Windows DDK MVP
http://www.rawether.net
“Roddy, Mark” wrote in message news:xxxxx@ntdev…
Our newbie asked:
I need to develop a wireless application which can retrieve all the raw data
packets going through the wireless adapter. I need some solution apart from
writing a miniport driver or NDIS intermediate protocol.
What are the techniques I can adopt? I heard about the Rawether for Windows
the Win32 NDIS API and WinPcap packet filtering library for windows.
Can we use any one of these?
Please give me advice?
Regards,
VIMAL RAJ.S
Software Engineer
Cranes Softwares
It is Pity the Newbie Week at Hollis Technology Solutions
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
On pre-Vista systems the 802.3 to 802.11 conversion is perfromed within the 802.11 adapter vendor’s miniport driver.
If you want to read raw 802.11 frames you must replace the adapter vernor’s miniport driver with your own. Then you can make your own replacement NIC miniport driver that reads 802.11 frames using the adapter vendor’s private hardware API. Of course, you must work with an 802.11 adapter vendor to be able to get the information about their hardware that will allow you to write your replacement miniport. The information you need to write this sort of special miniport is only known by the adapter vendor; it is not it the DDK.
Good luck,
Thomas F. Divine
“vimal raj” wrote in message news:xxxxx@ntdev…
Respected sir,
I need to develop a wireless sniffer and for this I need to write a miniport driver to read packet. since NDIS 802.11 driver emulates 802.3 devices and replaces 802.11 headers with 802.3 headers I am in confusion.
Please tell me whether the driver can use the NDIS specific functions such as NdisRawReadPortXxxor I don’t know internally where 802.11 to 802.3 conversion is taking place? (From my knowledge I thought intermediate driver is doing the media translation).
My doubt is whether the use of Ndis read functions will corrupt our raw data. I need to read raw 802.11 data.
Please give me advice …
Regards,
vimal
------------------------------------------------------------------------------
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Thomas F. Divine
Sent: Tuesday, June 27, 2006 12:52 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] On behalf of a newbie (wireless application)
Rawether, WinPcap and other packet collection mechanisms based on NDIS protocol drivers can monitor (observe - but not block or modify) raw 802.3 packets sent and received on an 802.11 miniport.
No NDIS protocol-based packet collection mechanism can monitor native wi-fi 802.11 packets. You must “marry” a specific 802.11 adapter that you can legally obtain proprietary API’s for and write your own driver to see Native Wi-Fi packets on Windows.
This limitation may be removed with Windows Vista Native Wi-Fi support.
Good luck,
Thomas F. Divine, Windows DDK MVP
http://www.rawether.net
“Roddy, Mark” wrote in message news:xxxxx@ntdev…
Our newbie asked:
I need to develop a wireless application which can retrieve all the raw data packets going through the wireless adapter. I need some solution apart from writing a miniport driver or NDIS intermediate protocol.
What are the techniques I can adopt? I heard about the Rawether for Windows the Win32 NDIS API and WinPcap packet filtering library for windows.
Can we use any one of these?
Please give me advice?
Regards,
VIMAL RAJ.S
Software Engineer
Cranes Softwares
It is Pity the Newbie Week at Hollis Technology Solutions
—
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
> I need to develop a wireless sniffer and for this I need to write
a miniport driver to read packet. since NDIS 802.11 driver emulates 802.3
devices and replaces 802.11 headers with 802.3 headers I am in confusion.
No ways of doing this till Vista, except the vendor-specific proprietary ways.
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com