I'm trying to use Wireshark on Backtrack 5 to capture packets that are transmitted through my home wi-fi network.
I'm perfectly able to capture outgoing traffic from localhost and, it seems, incoming traffic to all the hosts connected to the network, but I'm not able to capture outgoing traffic from these hosts to the net.
Any ideas?
Your machine will not by defualt listen to any other traffic other than what's useful for it so it will only pick up on traffic sent to it or broadcasts, you can use airmon-ng to put your card into monitor mode and it will add a device called mon0,
Or you can use Ettercap a tool in backtrack to do a Man in the middle attack, this will direct all traffic to your host and then on to its destination thus letting you use Wireshark or indeed Ettercap to sniff the whole conversation .
Do you have a card that handles monitor mode ? are you capturing from the monitor, as opposed to just using the normal interface in promiscuous mode ? If you are not in monitor mode your radio layer will only listen to transmissions from the base station. (assuming you are running infrastructure mode, not ad-hoc mode)
Also, if you are using WPA, each station uses an individual key derived by a handshake with the base station. If this is the case you will only see broadcast traffic to other hosts (as it gets encrypted by a group key)
