|
Title: Ethereal Packet Capturing Post by: Goders on January 01, 2006, 05:57:00 PM Hello. I am running Windows XP Tablet Edition, Using the Intel(R) PRO/Wireless 2200BG , wireless card. I am trying to capture packets that are sent and recieved on my home network, but for some reason the only packets that I am recieving are those from my own computer. Also, the only way that I can capture them is if I am not in Promiscous Mode. Can someone please help me out?
Title: Re: Ethereal Packet Capturing Post by: Dengar13 on January 02, 2006, 12:51:03 AM Do you have a swich at home? From my understanding, Ethereal must sit on a port on a switch.
Title: Re: Ethereal Packet Capturing Post by: Synister Syntax on January 02, 2006, 03:59:49 PM This is typical for a switched network. If you are using a Linksys or other recently produced consumer grade "router" then you are most likely on a switched network, therefore will only see broadcast packets and your own. You could throw a hub in between the switch and modem, and sniff from there.
As far as modes go, some work in Promiscuous Mode, others do not. You could pick up a cheap PCMCIA card at your local store if you want a card that supports Promiscuous Mode. If you have any other questions, please feel free to ask. Title: Re: Ethereal Packet Capturing Post by: AUGrad on January 04, 2006, 10:20:02 AM Another thing to consider: If you're connected to your network wirelessly and have other machines connected via wire, some home wireless routers put the wireless PC's and the wired PC's in different VLANs. You may have better luck sniffing broadcast traffic over a wired connection.
Title: Re: Ethereal Packet Capturing Post by: Goders on January 17, 2006, 09:12:35 PM What about NAT networks, via wire of course?
Title: Re: Ethereal Packet Capturing Post by: pcsneaker on January 18, 2006, 04:09:12 AM From wiki.ethereal.com: (http://wiki.ethereal.com/CaptureSetup/WLAN#head-02456742c655394c9e948a4c9a59d3441c92782f)
Quote Windows Capturing WLAN traffic on Windows depends on WinPcap and on the underlying network adapters and drivers. Unfortunately, most drivers/adapters support neither monitor mode, nor seeing 802.11 headers when capturing, nor capturing non-data frames. Promiscuous mode can be set; unfortunately, it's often crippled. In this mode many drivers don't supply packets at all, or don't supply packets sent by the host. If you experience any problems capturing packets on WLANs, try to switch promiscuous mode off. In this case you will have to capture traffic on the host you're interested in. If anybody finds an adapter and driver that do support promiscuous mode, they should mention it at the bottom of this page, for the benefit of other users. See [WWW]MicroLogix's list of wireless adapters, with indications of how well they work with WinPcap (Ethereal uses WinPcap to capture traffic on Windows), for information about particular adapters. Title: Re: Ethereal Packet Capturing Post by: Oyle on April 05, 2006, 07:02:33 PM You also need to make sure you have the WinPCap packet capture library instsalled, or Ethereal will be severely crippled, and may not run at all. It is a free download, and I believe it is included when you download Ethereal, but you will still need to install it manually.
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |