JohnDoeY

Network Monitor Port Monitoring : Cacti (free) Device Monitoring: Nagios / Icinga / Check_MK SIEM: Splunk / SyslogD (for up to 500MB Data / Day free) Traffic Analysis: Security Onion (Snort, Bro, Snorby..., free) Pattern Detection - Endpoint: Trend Micro Client Server messaging suite Pattern Detection - Gateway / Proxy: Bluecoat Proxy SG with CAS Services Pattern Detection - Gateway / Router: Kaspersky Engine / IDS Components from Juniper Pattern Detection / AV / Log Inspection etc: Trend Micro Deep Security Auditing: openVAS (free with community license) All of those is / has been running on my networks, sadly there is no "one size fits all" product with one single report builder, so its a ton of information to look after

Another free option is GhettoVCB: https://github.com/lamw/ghettoVCB

I tested the latest VMWare Fusion AND MacOS Version together today on my wifes MacBook, again: no issues. Works like it should. So its: three devices with different patch levels and all the same Kali and the same antenna. Maybe your USB Port, the USB Cable or the MacBook himself got issues? The tree devices i tested on are: MacBook Pro, 15", Late 2009 MacBook Pro, 15", Mid 2010 MacBook Pro, 15", Mid 2014

yes, runs fine. I run check kill now before doing anything else, hit the same problem with fluxion, check kill solves it

Solved it (for now): a simple airmon-ng check kill did the trick. Now i can see networks in airodump. Running VMWare Fusion 8.1.0, MacOS 10.12.6 Sorry for thread-hijacking beeps and thanks for the conclusion with Live Kali 2017.1 from stick, will try this in addition

Which Version of VMWare Fusion / MacOS you´re running?

Tried around a bit today and found out, that this seems to be a issue with switching from AP mode to Monitor mode and vice versa: root@kali:~# uname -a Linux kali 4.9.0-kali4-amd64 #1 SMP Debian 4.9.30-2kali1 (2017-06-22) x86_64 GNU/Linux root@kali:~# iwconfig lo no wireless extensions. eth0 no wireless extensions. wlan0mon IEEE 802.11 Mode:Monitor Frequency:2.457 GHz Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:off root@kali:~# iwconfig lo no wireless extensions. wlan0 IEEE 802.11 ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off eth0 no wireless extensions. root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 No scan results eth0 Interface doesn't support scanning. root@kali:~# airmon-ng start wlan0 Found 3 processes that could cause trouble. If airodump-ng, aireplay-ng or airtun-ng stops working after a short period of time, you may want to run 'airmon-ng check kill' PID Name 495 NetworkManager 598 dhclient 839 wpa_supplicant PHY Interface Driver Chipset phy0 wlan0 rt2800usb Ralink Technology, Corp. RT2870/RT3070 (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon) (mac80211 station mode vif disabled for [phy0]wlan0) root@kali:~# airodump-ng -c 6 wlan0mon CH 6 ][ Elapsed: 6 s ][ 2017-08-06 13:01 BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID BSSID STATION PWR Rate Lost Frames Probe root@kali:~# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.178.50 netmask 255.255.255.0 broadcast 192.168.178.255 inet6 fe80::20c:29ff:fe59:1a61 prefixlen 64 scopeid 0x20<link> inet6 2a02:810d:2a40:520:d153:c5db:b464:ab6c prefixlen 64 scopeid 0x0<global> inet6 2a02:810d:2a40:520:20c:29ff:fe59:1a61 prefixlen 64 scopeid 0x0<global> ether 00:0c:29:59:1a:61 txqueuelen 1000 (Ethernet) RX packets 2776 bytes 1777366 (1.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1403 bytes 335622 (327.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Lokale Schleife) RX packets 129 bytes 15201 (14.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 129 bytes 15201 (14.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlan0mon: flags=867<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI> mtu 1500 unspec 00-C0-CA-95-6C-EF-30-3A-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 Then, unplug the USB Stick and Plug in again: root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 Failed to read scan data : Network is down eth0 Interface doesn't support scanning. root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 Interface doesn't support scanning : Device or resource busy eth0 Interface doesn't support scanning. root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 Interface doesn't support scanning : Device or resource busy eth0 Interface doesn't support scanning. root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 Scan completed : Cell 01 - Address: E4:18:6B:8B:F5:DE Channel:1 Frequency:2.412 GHz (Channel 1) Quality=33/70 Signal level=-77 dBm Encryption key:on ESSID:"intern34" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s 18 Mb/s; 36 Mb/s; 54 Mb/s Bit Rates:6 Mb/s; 12 Mb/s; 24 Mb/s; 48 Mb/s Mode:Master Extra:tsf=000001541d04c151 Extra: Last beacon: 13720ms ago IE: Unknown: 0008696E7465726E3334 IE: Unknown: 010882848B961224486C IE: Unknown: 030101 IE: Unknown: 32040C183060 IE: Unknown: 0706444520010D14 IE: Unknown: 33082001020304050607 IE: Unknown: 33082105060708090A0B IE: Unknown: 050400010000 IE: Unknown: DD310050F204104A0001101044000102104700102880288028801880A880E4186B8BF5DE103C0001011049000600372A000120 IE: Unknown: 2A0104 IE: Unknown: 2D1A6E1017FFFF0000010000000000000000000000000C0000000000 IE: Unknown: 3D1601000600000000000000000000000000000000000000 IE: Unknown: 4A0E14000A002C01C800140005001900 IE: Unknown: 7F0101 IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : CCMP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00 IE: Unknown: 0B05010003127A IE: Unknown: DD07000C4304000000 <snip> Cell 02 - Address: 5C:49:79:70:7A:74 Channel:1 Frequency:2.412 GHz (Channel 1) Quality=41/70 Signal level=-69 dBm Encryption key:on ESSID:"Kalb1920" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s 9 Mb/s; 12 Mb/s; 18 Mb/s Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s Mode:Master Extra:tsf=0000000001bdff83 Extra: Last beacon: 7484ms ago IE: Unknown: 00084B616C6231393230 IE: Unknown: 010882848B968C129824 IE: Unknown: 030101 IE: Unknown: 0706444520010D14 IE: Unknown: 2A0100 IE: Unknown: 3204B048606C IE: Unknown: 2D1AAD011BFFFFFF00000000000000000001000000000406E6470D00 IE: Unknown: 3D1601000100000000000000000000000000000000000000 IE: Unknown: 7F080000000000000040 IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00 IE: Unknown: DD0900037F01010000FF7F IE: Unknown: DD0C00040E010102010000000000 IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : CCMP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK IE: Unknown: And: Voila, i can see other networks. Then, i switch to monitor mode, just to see nothing again: root@kali:~# airmon-ng start wlan0 Found 3 processes that could cause trouble. If airodump-ng, aireplay-ng or airtun-ng stops working after a short period of time, you may want to run 'airmon-ng check kill' PID Name 495 NetworkManager 598 dhclient 839 wpa_supplicant PHY Interface Driver Chipset phy1 wlan0 rt2800usb Ralink Technology, Corp. RT2870/RT3070 (mac80211 monitor mode vif enabled for [phy1]wlan0 on [phy1]wlan0mon) (mac80211 station mode vif disabled for [phy1]wlan0) root@kali:~# airodump-ng -c 6 wlan0mon CH 6 ][ Elapsed: 18 s ][ 2017-08-06 13:10 BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID BSSID STATION PWR Rate Lost Frames Probe root@kali:~# airmon-ng stop wlan0 PHY Interface Driver Chipset phy1 wlan0mon rt2800usb Ralink Technology, Corp. RT2870/RT3070 root@kali:~# airmon-ng stop wlan0mon PHY Interface Driver Chipset phy1 wlan0mon rt2800usb Ralink Technology, Corp. RT2870/RT3070 (mac80211 station mode vif enabled on [phy1]wlan0) (mac80211 monitor mode vif disabled for [phy1]wlan0mon) root@kali:~# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.178.50 netmask 255.255.255.0 broadcast 192.168.178.255 inet6 fe80::20c:29ff:fe59:1a61 prefixlen 64 scopeid 0x20<link> inet6 2a02:810d:2a40:520:d153:c5db:b464:ab6c prefixlen 64 scopeid 0x0<global> inet6 2a02:810d:2a40:520:20c:29ff:fe59:1a61 prefixlen 64 scopeid 0x0<global> ether 00:0c:29:59:1a:61 txqueuelen 1000 (Ethernet) RX packets 3884 bytes 1864850 (1.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2208 bytes 849044 (829.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Lokale Schleife) RX packets 129 bytes 15201 (14.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 129 bytes 15201 (14.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlan0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 96:3d:9b:82:b2:92 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 Interface doesn't support scanning : Device or resource busy eth0 Interface doesn't support scanning. root@kali:~# iwlist scan lo Interface doesn't support scanning. wlan0 No scan results eth0 Interface doesn't support scanning.

Hi everyone, first post, so: Hello :) got exactly the same issue here with a AWUS036NEH on Kali, newest release, VMWARE Fusion on MacOS. Stick is recognized, but can’t see any networks nor works in monitor mode. On MacOS the stick works fine but can’t monitor either as for the limitations of the airport utilitiy only for internal wifi cards. Any advice would be great