Wireshark mailing list archives
Re: question about sniffing wireless IPOD conversations
From: Matthew <matthew1471 () matthew1471 co uk>
Date: Thu, 26 Jan 2012 21:39:25 +0000
John, This will probably be frowned upon but I found using the "hacking" tool Cain & Abel to perform an ARP Spoof attack against the device on my network that I wanted to watch allowed me to see the traffic (as after all I no longer needed promiscuous if the traffic was actually being sent to me). Effectively the iPod thinks you are the router, so the traffic is sent via your PC instead of directly to the real router. This obviously has legal implications if you are doing this on anyone else's network (and/or with anyone else's devices) other than your own! The other alternative is to plug in a wireless access point or router into your computers' wired LAN port, tell the device to connect to that and sniff that instead. I used Windows XPs' "Network Bridge" functionality to join the Wired LAN port and my real wireless Internet/Network connection together. On a Netgear router I fell fowl of a bug in the device (http://support.microsoft.com/kb/303743), so had to assign static IPs. Same legal caveats apply. These are terrible workarounds but... work.. I also would not under-estimate how easy it is to boot a Linux LiveCD and use Wireshark on it. It really is just a case of burning it, popping it in your drive and rebooting (and usually that is all it takes!). It will leave your Windows installation alone and a simple reboot returns you back to your familiar Windows desktop. Trace files can be saved to a USB stick. Hope this helps, Matthew On 24/01/2012 21:35, Kevin Cullimore wrote:
On 1/20/2012 1:41 AM, Guy Harris wrote:On Jan 19, 2012, at 5:01 PM, John S wrote:after reading the wireless capture setup, I think the problem is that I'm running Wireshark on Windows XP and this apparently doesn't work well when sniffing other machine's traffic in a wireless network environment. Has anyone found a way to do this?Sometimes, an extra word or two can greatly enhance the focus of a given question: "Has anyone found a FREE/trivially-inexpensive way to do this?"
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Question about seeing Latency in TCP conversations, (continued)
- Re: Question about seeing Latency in TCP conversations Andrej van der Zee (Jan 05)
- Re: Question about seeing Latency in TCP conversations Sheahan, John (Jan 07)
- Re: Question about seeing Latency in TCP conversations Martin Visser (Jan 07)
- Re: Question about seeing Latency in TCP conversations Sheahan, John (Jan 08)
- Re: Question about seeing Latency in TCP conversations Martin Visser (Jan 08)
- question about sniffing wireless IPOD conversations John S (Jan 19)
- Re: question about sniffing wireless IPOD conversations Jaap Keuter (Jan 19)
- Re: question about sniffing wireless IPOD conversations John S (Jan 19)
- Re: question about sniffing wireless IPOD conversations Guy Harris (Jan 19)
- Re: question about sniffing wireless IPOD conversations Kevin Cullimore (Jan 24)
- Re: question about sniffing wireless IPOD conversations Matthew (Jan 26)
- Re: Question about seeing Latency in TCP conversations János Löbb (Jan 09)
- Re: Question about seeing Latency in TCP conversations Martin Visser (Jan 09)