Capturing IEEE802.11.x auth and capabilities data with tcpdump?
Solution 1:
The feature to be able to read frames without association is called monitor mode.
Just like promiscuous mode for reading packets not addressed for the host, this IEEE 802.11 counterpart instructs the card&driver to make those frame available.
tcpdump is able to automatically enabled it for you, using the -I
option. Note that activating it "might disassociate from the network with which it's associated", meaning you might get disconnected if that card was also your only link to the web. And if your driver is bad, you might even need to reboot to get the card back to its normal mode of operation.