Wireshark mailing list archives

Re: question about sniffing wireless IPOD conversations


From: Kevin Cullimore <kcullimo () runbox com>
Date: Tue, 24 Jan 2012 16:35:27 -0500

On 1/20/2012 1:41 AM, Guy Harris wrote:
On Jan 19, 2012, at 5:01 PM, John S wrote:

After reading the wireless capture setup, I think the problem is that I'm running Wireshark on Windows XP and this apparently doesn't work well when sniffing other machines' traffic in a wireless network environment.

Has anyone found a way to do this?
Sometimes, an extra word or two can greatly enhance the focus of a given question:

"Has anyone found a FREE/trivially-inexpensive way to do this?"

The challenge of clarifying "this" might pose a greater challenge:

If "this" refers to setting the wireless adapter transmitting & receiving the packets in question as the capture interface while running Wireshark atop M$ Windows operating systems, then the limitations referred to below apply. Otherwise, hardware-based solutions still appear to work (in this case, it would be somewhat inexcusable if they didn't):

http://www.riverbed.com/us/products/cascade/wireshark_enhancements/airpcap.php

The only programs I know that can do Wi-Fi captures on Windows XP, such as Tamosoft's CommView for WiFi:

        http://www.tamos.com/products/commwifi/

or WildPackets' OmniPeek:

        http://www.wildpackets.com/products/portable_analysis/omnipeek_software

do so by providing their own device drivers for a set of supported 802.11 adapters.  Even Microsoft's own Network Monitor 3:

        http://blogs.technet.com/b/netmon/

only supports Wi-Fi capturing on Windows Vista and Vista 7; they rely on some networking features that first showed up in Vista (NDIS 6 and Native Wi-Fi) and, I think, rely on the driver for the Wi-Fi adapter to support Native Wi-Fi.  Wireshark uses WinPcap on Windows; WinPcap doesn't use the Vista-and-later networking features and thus doesn't support monitor mode on Wi-Fi.


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe





