Uses:
– Geographical packet analysis
– Observing widespread traffic
– Acquiring knowledge of Wi-Fi technology
– Auditing unsecure channels (e.g., WEP)
– Designing Wi-Fi networks
Limitations:
– Wireless adapter usually unable to transmit
– Restricted to a single wireless channel
– Dependent on driver, firmware, and chipset
– No CRC check for captured packets
– Some captured packets may be corrupted
Operating system support:
– NDIS API supports extensions for monitor mode
– NDIS 6 exposes 802.11 frames
– Implementation varies among vendors
– Some vendors have improper support
– Linux and BSD systems support monitor mode