I have tried toggling the promiscuous mode and the "capture packets in pcap-ng format" settings, but I find I am blindly making changes because I don't know how to configure the WireShark/AirPCap combo appropriately to see the actual HTTP traffic. The RN-171 reports which channel it is using when it associates with my wireless network, so I adjust the channel I am monitoring appropriately. What I was expecting (hoping, really) to see was IP addresses in the source and destination fields and "HTTP" in the protocol field, with the actual calls to the web service and the response from the server in the Info field. Next go ro Capture > AirPcap USB wireless capture adapter to select appropriate interface.-Finally click Start Capture, when you’re finished. It presents a detailed output of captured. Gotchas Along with decryption keys there are other preference settings that affect decryption. Driver will pass the keys on to the AirPcap adapter so that 802.11 traffic is decrypted before it's passed on to Wireshark. These packets are all categorized as "802.11" in the protocol field and the info in all of the packets are either QoS Data or Probe Request. WIRESHARK Basic Introduction Wireshark is a network tool for analyzing packets of data. Selecting Wireshark uses Wireshark's built-in decryption features. I can capture some traffic between my RN-171 and my wireless router because I can see the MAC addresses of each in the source and destination fields. I am not a network admin, so I am looking for some remedial assistance (read: I don't know what I'm doing). I am using WireShark 1.12.0 and an AirPCap from Riverbed to analyze communication between a Wi-Fi device (it's an RN-171-EK, so I'll call it an RN-171 from here on out) and a server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |