SPAN over wifi

Viewing 8 reply threads
  • Author
    Posts
    • #7646
      kerpap
      Participant

      is there a way to sniff all network traffic on an AP similar to SPAN on a switch?

    • #47733
      hayabusa
      Participant

      Removed my last reply (sorry,) as I’d misread your post, the first time.

      That said, if you can talk to wired clients from your wireless, and vice versa, then a hint might be to start Googling “ARP poisoning”  😉

      That’s how many people bypass the need for a ‘monitor’ port on a switched network, etc, to successfully sniff.

    • #47734
      hayabusa
      Participant
    • #47735
      hell_razor
      Participant

      802.11 is a broadcast medium.  You can capture all packets, up to the bandwidth of your capture device, freely.  The potential issue is being able to decrypt all of the packets, which should also not be a problem if you have the appropriate keys to the data (PSK hopefully).

    • #47736
      hayabusa
      Participant

      @hell_razor – that’s the response I started to lead with, but I think he’s looking to sniff the wired ports and traffic, too.  IE – not just broadcast traffic and such on the wireless, but BOTH wireless and wired clients, such that directed, wired ip traffic (host ip to host ip on wired side) are also seen.

      Then again, maybe I DOUBLE mis-interpreted, and you’re correct in what he wanted, in which case… DOH!  😛

    • #47737
      hell_razor
      Participant

      I probably read AP a little too literally, was thinking a simple AP rather than a router with a hub bridged on it…will blame it on being Friday…

    • #47738
      hayabusa
      Participant

      Either way, hopefully we gave him what he wanted.

    • #47739
      WCNA
      Participant

      Check out airmon-ng. Then run wireshark on mon0.

    • #47740
      kerpap
      Participant

      thanks for all the feedback.

      it is an abstract question. I set up a span port on my switch to monitor traffic. the config on my switch will send all traffic since the AP is connected to a switch.

      this is all really just for fun anyway.

      it got me wondering if there was a way to send the same thing over the air to my laptop. I realize that in an actual production environment that is really stupid. this is purely just for fun at home with my lab

      i’ll keep playing around. another thing I thought was set an AP up on the SPAN port of the switch although I dont really see how that will work. I might try configuring the AP as a repeater so perhaps the traffic will get broadcast.

Viewing 8 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?