Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cannot dissect IEEE802.11 data frames

From: Vasily Postnicov <shamaz.mazum () gmail com>
Date: Thu, 19 May 2016 16:19:29 +0300
Unfortunately, I cannot check this right now, but thanks for advice anyway.
Do you have any ideas, what these last two bytes might be? Maybe wireshark
has some knob, that makes it read these bytes?
17 мая 2016 г. 20:26 пользователь "Guy Harris" <guy () alum mit edu> написал:


On May 17, 2016, at 5:58 AM, Vasily Postnicov <shamaz.mazum () gmail com>
wrote:


Hello! I am using wireshark 2.0.3 from FreeBSD ports for the first time.

I am not good in computer networks and try to analyze traffic captured over
unencrypted Wi-Fi network. Turns out that data frames dissection is wrong
in my case: wireshark can't dissect further than LLC protocol. I attach
pcap file produced by airodump-ng.

Can you capture with radiotap headers?  That capture was made without
them, but the radiotap header might give Wireshark information it needs to
treat either the 00 00 or the 40 00 before the LLC header in a way that
allows it to find the LLC header properly.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org
?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: