...or you could just buy one of these:
http://www.cacetech.com/products/airpcap.htm
(Apologies for the shameless plug.)
Small, James wrote:
> Cor,
>
> Unfortunately, many wireless cards in Windows do not allow you to do
> network captures. I use to have a link to a web site that explained it
> all and had a list of Wireless NICs/Chipsets and which ones worked or
> didn't work for network captures but now I can't find it.
>
> However, many times you can get around this by bridging if you're using
> XP. Basically, you need to add the Microsoft Bridge and add your
> wireless adapter to it. You then choose the Microsoft MAC Bridge
> Virtual NIC as the capture source instead of the Wireless card. This
> works in the majority of cases - I use it myself.
>
> If I remember correctly, in the Network Control Panel, I believe you
> select two adapters and then select bridge. This creates a Microsoft
> Virtual Bridge with the two adapters as members of the bridge. After
> the bridge is created, you can remove everything except your wireless
> card and try capturing as described above (just go into the bridge
> properties).
>
> When you create the bridge, it acts just like a simple network bridge
> including emitting 802.1d spanning tree BPDUs. Be warned, many switches
> (especially corporate ones) are configured to basically shutdown if they
> detect spanning tree BPDUs. Usually if you're just bridging your
> wireless card this doesn't create problems. However, I have run into
> some instances where the wireless network is seamlessly bridged to a
> wired switch and when the switch detects spanning tree BPDUs, it
> disables the switch port that the access point is on. This is rare but
> possible so be warned!
>
> Also, sometimes my wireless connection can be a little flakey and if I
> remove the bridge the problems go away. That said, I usually always run
> in bridged mode so I can do captures and for the most part it works
> well.
>
> Let me know if you have trouble setting up the bridging,
> --Jim
>
>
>> -----Original Message-----
>>>> I installed Wireshark (Version 0.99.4 (SVN Rev 19757)) on my laptop
>>>> (Acer Aspire 6510 with a build in Intel PRO/Wireless 3945ABG
> network
>>>> card), running Windows XP sp2.
>>>> My LAN has an Asus WL500g router and a 3COM switch for the wired
>>>> desktops attached to it.
>>>>
>>>> When I start capturing on the laptop, the name of my networkcard is
>>>> mentioned in the top of the capture window all right, but no
> captured
>>>> packets are shown, even if I wait for 10 minutes.
>>>>
>>>> I also uninstalled and re-installed WinPcap (version 3.1)
>>>>
>>>> What am I doing wrong? Is this network card the evil part?
>>>> On one of the wired desktops, it works fine.
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users