Re: Trying to monitor wireless trafic

Philippe Perrin schrieb:
Hello all

I would like to monitor the network trafic on my home wireless network. I would like to monitor which computers are connected, what they are doing, etc. Actually the same as I could do if I were using Ethereal from a router. My wireless network is protected with a WPA key, which I know of course.
I tried using Ethereal, but it sees only the packets issued by the computer it's running on, not the packets exhanged between the access point and other computers of the network.

Is there any way I can see/capture packets on a WPA-protected network, knowing the key???
You dont need the key to capture the packets.
You need to change the mode of your wireless card to monitor mode.
You´ll obviously still need some tool to decrypt the captured packets with your key. If youre using ndiswrapper youre probably out of luck, as most (to my knowledge) windows drivers dont support monitor mode.
If you can set the mode via iwconfig <device> mode monitor Ethereal/Wireshark will display the raw packets from other devices as you cant send in monitor mode.

Thanks,
Philippe
.

Relevant Pages

  • Re: Good rogue ap finder? or...going down the wrong path?
    ... The packets are actually steered using ... switches to isolate sections, and now all you'd hear is broadcasts such ... But we simply monitor all of the switches and the ARP ... a message is sent to Network Operations and the Security Desk. ...
    (alt.internet.wireless)
  • RE: Detecting WAPs
    ... CTS packets.. ... Now...you could, theoritically, monitor the RTS and CTS packets. ... whether or not you have an AP on the network. ...
    (Security-Basics)
  • Re: How to start Ethereal capture at network usage threshold?
    ... To monitor bandwidth you must capture ALL packets on the network. ... If you want to monitor between certain times you may need to use Windows Task ...
    (microsoft.public.windows.server.networking)
  • Re: Trying to monitor wireless trafic
    ... Managed:switched network. ... Setting the device to monitor mode from managed mode is thus similiar to exchanging a switch with a router. ... Setting promiscous mode is of course necesarry on top of this to capture packets. ...
    (comp.os.linux.networking)
  • Re: Server Performance
    ... Check free disk space; delete Temp files/ Temporary Internet files & ... Remove unnecessary network protocols (NWLink IPX/SPX is often at fault ... > using Performance Logs and Monitor to monitor the server for bottlenecks, ... > but I am not sure which all counters to concentrate on. ...
    (microsoft.public.windows.server.general)