> Presumably by "PCAP (or similar) adapters" you mean
> "AirPcap (or
> similar) adapters":
Correct. We've grown accustomed to calling them "PCAP" for short.
--- On Sun, 11/1/09, Guy Harris <guy@xxxxxxxxxxxx> wrote:
> From: Guy Harris <guy@xxxxxxxxxxxx>
> Subject: Re: [Wireshark-users] Sniffing Wireless with Wireshark?
> To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
> Date: Sunday, November 1, 2009, 3:42 AM
>
> On Oct 31, 2009, at 9:42 PM, Steve Evans wrote:
>
> > Are you using PCAP (or similar) adapters?
>
> Presumably by "PCAP (or similar) adapters" you mean
> "AirPcap (or
> similar) adapters":
>
> http://www.cacetech.com/products/airpcap.html
>
> Windows, prior to the adoption of "Native 802.11":
>
> http://msdn.microsoft.com/en-us/library/aa503061.aspx
>
> was not very friendly towards capturing on 802.11 networks,
> and, even
> with Native 802.11, capturing with WinPcap (the capture
> mechanism
> Wireshark uses on Windows) doesn't work all that well
> (WinPcap doesn't
> support NDIS 6, and thus doesn't support Native
> 802.11). With
> WinPcap, on 802.11 networks, you can capture with
> promiscuous mode
> off, and capture traffic to and from your machine, which
> will
> *probably* work; promiscuous mode might not work at all,
> and monitor
> mode isn't supported.
>
> AirPcap adapters are special (they don't plug into the
> normal Windows
> networking stack, so they can't be used as normal adapters
> to join a
> wireless network), and can capture (in what amounts to
> monitor mode)
> on Windows.
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>