Wireshark mailing list archives
Re: 802.11 monitoring help
From: Gerald Combs <gerald () wireshark org>
Date: Thu, 18 Feb 2010 12:30:02 -0800
Thomas Morton wrote:
I was under the impression using airpcap was an optional extra on WIndows - but that Wireshark could decrypt packets (the userguide suggests this). I will have a re-read.
That's correct. 802.11 decryption should work no matter what on any platform provided: - You've captured the 4-way EAPOL handshake necessary to derive the keys (try filtering for "eapol"). - You've toggled the "Assume Packets Have FCS" and "Ignore the Protection bit" appropriately for the way your driver delivers 802.11 frames - You're using pre-shared keys. - You have a recent version of Wireshark. Various decryption bugs have cropped up in older versions. -- Join us for Sharkfest ’10! · Wireshark® Developer and User Conference Stanford University, June 14-17 · http://www.cacetech.com/sharkfest.10/ ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- 802.11 monitoring help Thomas Morton (Feb 17)
- Re: 802.11 monitoring help Frank Barta (Feb 17)
- Re: 802.11 monitoring help Thomas Morton (Feb 17)
- Re: 802.11 monitoring help Joerg Mayer (Feb 17)
- Re: 802.11 monitoring help Frank Barta (Feb 17)
- Re: 802.11 monitoring help Jaap Keuter (Feb 17)
- Re: 802.11 monitoring help Thomas Morton (Feb 18)
- Re: 802.11 monitoring help Gerald Combs (Feb 18)
- Re: 802.11 monitoring help Thomas Morton (Feb 18)
- Re: 802.11 monitoring help Frank Barta (Feb 17)