Analysing/sniffing packets on my wireless LAN questions

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
Hey folks,

Just wondering if anyone can point me in the right direction on a way to sniff/inspect packets on my wireless LAN.

Eg: Run a program on my netbook that monitors wireless traffic and logs whats going in and out.

I've downloaded Wireshark and run it and it seems to be working but when I grab packet data and then on another laptop visit a website and do a search for the website name it doesnt show in the packet data.

Can someone shed some light on this for me as its all a bit unknown for me at present.

Many thanks,

R.
 

Shadowssong

[H]ard|Gawd
Joined
Sep 17, 2009
Messages
1,969
Wireshark would only be showing the packets going between you and your router/switch.
 

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
Seems to show traffic going between other ones as well, I can see the IP addresses for my PS3 and other laptop popping up?
 

Shadowssong

[H]ard|Gawd
Joined
Sep 17, 2009
Messages
1,969
Ah ok, might be wrong then. Only traffic I see on my wireshark is my own traffic and arps
 

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
Ill double check tonight but Im almost certain I saw the activity of other NICs listed, dont know if traffic was shown but Ill check.
 

Zwitterion

Gawd
Joined
Dec 15, 2002
Messages
938
Haha this sounds legit.

"Guys why can't I see all the traffic everyone is sending over my network?? It's mine I promise." Also ARPs are broadcast packets, so yes you will be able to see them.

I don't see a rules thread so I hope this isn't against the rules but you are going to want to make sure your wireless card is capable of going into monitor mode. I will let you research the rest.
 
Joined
Oct 12, 2007
Messages
643
Wireless is a hub domain, all packets are broadcast within the radio range.

You need to be able to put your wireless adapter in Promiscuous mode, which in my experience can not be done reliably in windows. Download a back-track live cd, and you will be golden.
 

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
DL'd the BT4 ISO and put it on a USB drive. Boots up but its CLI driven I take it? This is on a Dell Mini 9.
 

Monkey34

Supreme [H]ardness
Joined
Apr 11, 2003
Messages
5,138
DL'd the BT4 ISO and put it on a USB drive. Boots up but its CLI driven I take it? This is on a Dell Mini 9.
Huh...hadn't seen this distro , although I've seen some of the programs included in it before. I'm going to toy with it a bit. I'm not sure on the CLI......screenies show a debian desktop, so either the usb is CLI, or maybe you just need to root login and launch the GUI?
 

Malk-a-mite

[H]ard|Gawd
Joined
Feb 16, 2002
Messages
2,023
You need to be able to put your wireless adapter in Promiscuous mode, which in my experience can not be done reliably in windows. Download a back-track live cd, and you will be golden.

Doesn't everyone keep a stack of old Cisco wireless cards just for that purpose?


(heh, I got ahold of two and guard them with my life :) )
 

Audiochris

[H]ard|Gawd
Joined
Dec 23, 2000
Messages
1,290
Huh...hadn't seen this distro , although I've seen some of the programs included in it before. I'm going to toy with it a bit. I'm not sure on the CLI......screenies show a debian desktop, so either the usb is CLI, or maybe you just need to root login and launch the GUI?

When you boot the live usb stick, you will automatically be logged in as root at the command line.
 

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
From there how do load the program specific to capture the wireless data being transmitted and received? Thanks :)
 

robertp221

Limp Gawd
Joined
Sep 11, 2008
Messages
346
on backtrack once your logged in you can issue the startx command and that puts you in kde.
 
Top