>
I guess BackTrack 4 would at least provide you with a more up to date and
capable Wireshark, although I've a hard time finding the package list for it.
Indeed. :D I just updated to the latest version (painless but it took an age to compile :P).
No extra luck though sadly :(
> IIRC WPA decryption is not available on Linux - it requires the use of
airpcap on Windows and if on windows, it will only work with PSK, not
802.1X of course.
I was under the impression using airpcap was an optional extra on WIndows - but that Wireshark could decrypt packets (the userguide suggests this). I will have a re-read.
> it will only work with PSK, not 802.1X of course.
Im not sure I understand that. Surely if the PSK is known traffic can be decrypted and the 802.11 traffic can then be decoded into HTTP etc.?
> . Aircrack-ng includes a tool called Airdecap-ng which you can use to decrypt the traffic.
Ah man :( I feared this is where I would have to go. Thanks for the tip - I'll give it a go and let you know what happens.
Thanks for all the hints/tips. If anyone else has more to add please do :D
Tom
On 17 February 2010 21:46, Jaap Keuter
<jaap.keuter@xxxxxxxxx> wrote:
Thomas Morton wrote:
> Im trying to monitor traffic on a wireless network. I have Wireshark
> running on Backtrack Linux and a Ubiquiti wireless card (which supports
> promiscuous mode).
...
> Version is 1.0.3.
>
Hi,
I guess BackTrack 4 would at least provide you with a more up to date and
capable Wireshark, although I've a hard time finding the package list for it.
Thanks,
Jaap