bosswatt/GL-XE300
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Aircrack-NG Dual-Band Scanning Notes

Scott Leonard
2025-11-24 12:46:48 +00:00
parent 6916d06ae5
commit 37a0260b0f
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Aircrack-NG Dual-Band Scanning Notes.-.md

@@ -19,13 +19,13 @@ To record discovered networks:
airodump-ng --band bg --write scan2ghz --output-format csv wlan0mon
This logs to scan2ghz-01.csv. Similarly, run a second instance for 5g. The CSV includes BSSID, ESSID, channel, power, #data, etc., and is updated every 5 seconds by default (tweak with --write-interval). We can't run two airodump processes on the same radio. Each should have its own dedicated adapter - one for 2.4g and one for 5g.
This logs to scan2ghz-01.csv. Similarly, run a second instance for 5g. The CSV includes BSSID, ESSID, channel, power, #data, etc., and is updated every 5 seconds by default (tweak with --write-interval). We can't run two airodump processes on the same radio. Each should have its own dedicated adapter - one for 2.4g and one for 5g. To reduce latency in data collection, set a shorter --write-interval, e.g. --write-interval 1 to update CSV files every second. This is helpful for real-time polling or monitoring tools that process new results continuously.
**2. Dual-Adapter Scanning on 2.4g and 5g**
To cover the full Wi-Fi spectrum efficiently, we leverage two adapters simultaneously. Though airodump-ng supports multiple interfaces in one command, using separate instances simplifies control.
Both airodump processes can run in parallel, each scanning its own band. Just ensure different -w output prefixes to avoid file conflicts. If desired, you can run both interfaces with one command and control behavior with --cswitch, but separate processes are easier. Check that each instance is hopping through its channels (1-11 and 36+). If the 5g scan shows no results initially, it may be due to current channel inactivity.
Both airodump processes can run in parallel, each scanning its own band. Just ensure different -w output prefixes to avoid file conflicts. If desired, you can run both interfaces with one command and control behavior with --cswitch, but separate processes are easier. Check that each instance is hopping through its channels (1-11 and 36+). If the 5g scan shows no results initially, it may be due to current channel inactivity. Also, if the PWR column shows -1 for all entries, this usually indicates a driver issue or lack of packet capture (not an empty band). Recheck monitor mode status or test with a known active network nearby.
Dual-band APs with same SSID but different BSSIDs will show twice - expected. Use BSSID for deduplication internally. End-user output can omit BSSID :)
@@ -33,4 +33,6 @@ Dual-band APs with same SSID but different BSSIDs will show twice - expected. Us
How Long to Stay on Each Channel? Default airodump hopping is aggressive (~100-250 ms per channel). This is fast but may miss data on quieter APs. Use the -f flag to set dwell time. A dwell of 200-250 ms improves packet capture on each channel. At 200 ms dwell, full 2.4g sweep (11 channels) takes ~2.2 seconds. Start with default. If data counts are low, increase dwell to -f 300. You can experiment live to compare results.
For higher resolution, especially when scripting your own hopping logic, use --channel to lock airodump to one channel (e.g. --channel 1) and loop through them manually. You can still use CSV logging, and this approach helps prevent overlap between processes and gives finer control in state-machine-driven scans.
airodump-ng --band bg -f 200 -w scan2ghz --output-format csv wlan0mon