Re: 802.11 monitoring help

[Frank Barta <fbarta () gmail com>]

There are some tools you can use to decrypt WPA within PCAP files if WPA
decryption is not possible on Linux wireshark. Aircrack-ng includes a tool
called Airdecap-ng which you can use to decrypt the traffic. It's not a
perfect solution however if your use airdecap-ng and leave the 802.11
headers intact, you can match the WLAN SEQ #s from the outfile and the
infile.

Hope this helps!

On Wed, Feb 17, 2010 at 3:27 PM, Joerg Mayer <jmayer () loplof de> wrote:

> On Wed, Feb 17, 2010 at 04:44:57PM +0000, Thomas Morton wrote:
> > I have tried adding WPA decryption keys to Wireshark as well (just in
> > case...) with no joy.
>
> IIRC WPA decryption is not available on Linux - it requires the use of
> airpcap on Windows and if on windows, it will only work with PSK, not
> 802.1X of course.
>
>  ciao
>      Joerg
> --
> Joerg Mayer                                           <jmayer () loplof de>
> We are stuck with technology when what we really want is just stuff that
> works. Some say that should read Microsoft instead of technology.
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe