Wireshark-users: Re: [Wireshark-users] For Mark

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 2 Dec 2008 01:12:45 -0800

On Dec 1, 2008, at 8:54 AM, Faraz Hasan wrote:

I am sorry this is not a reply to your question but I am sure you can answer mine!

Possibly, but, as he's using Linux, he might not be able to answer your question unless you're using Linux as well or he's familiar with whatever OS you're using.

In any case, your reply went to the list - which is good, because that way other people can also provide information.

I am trying to capture wireless traffic 802.11 using wireshark. Is it only possible when I connect a certain wireless adaptor? I mean is it necessary to have AirPcap adaptor or just any other adaptor? Is it not possoble with just wireshark and WinPcap?

On what operating system are you running Wireshark?

On Windows, WinPcap's ability to capture 802.11 packets on anything other than an AirPcap adapter is limited.

On Linux, *BSD, and Mac OS X, it may be possible, depending on the driver and the version of the operating system, although, currently, the steps you have to go through to capture in "monitor mode" are somewhat complex.

See

	http://wiki.wireshark.org/CaptureSetup/WLAN

for the details.