All Questions
Tagged with wireshark wireless-networking
155
questions
1
vote
0
answers
27
views
802.11 frames gets resent by my linux
My program is sending custom 802.11 frames for WPA handshake, like authentication, association or acknowledgement. Yet the operating resend the same packet with modifying its radiotapheader and ...
0
votes
0
answers
40
views
Downloads stop suddenly in 5ghz only
Without the possibility of using a wired connection, I use a Wifi connection via tplink router an Intel Wifi 6E 160MHz card(latest Intel driver installed) on Windows 10.
I use an application (latest ...
0
votes
1
answer
69
views
From a computer connected in Wifi, can I see the traffic of ethernet-connected computers, with Wireshark?
In the following network, if I open Wireshark on ComputerA, can I see the traffic of ComputerB (to internet) with Wireshark?
____________________
| Home router |
| (provided by ISP) |
| 192....
0
votes
0
answers
190
views
Wpa PTK and GTK in detail
I have been checking Pairwise and Group Transient keys in a network for security. I understand
PTK is derived from = PMK, AP nonce (ANonce), STA nonce (SNonce), AP MAC address, and STA MAC address
...
0
votes
0
answers
213
views
Setting MacOS Airport Utility into monitoring multiple channels
I am using MacBook Pro 14' 2021 M1 Pro with MacOS Ventura 13.3.1. I would like to use wireshark in monitor mode with wifi interface. I have read, that I can switch 802.11 channels with the command:
/...
0
votes
1
answer
194
views
Reassemble Wireshark WiFi captured LLC packets into original message
I have the following setup within my own WiFi network: one machine (A) connected to my WiFi (which connects to the internet), and one machine (B) running Wireshark, with a WiFi adapter in monitoring ...
0
votes
2
answers
3k
views
Wireshark filtering, wpa2 handshake type value and other types
I am capturing a wpa2 handshake with wireshark, and there is the type value of 03 which is a key I wonder if this type is constant for wpa2 handshakes, also the value of other types, if there were to ...
0
votes
1
answer
1k
views
How to capture TCP/UDP, HTTP traffic on wireshark. Only getting 802.11 from my machine with adp
So I am fairly new to using Wireshark and cannot figure out how to capture all the traffic on my network. The steps I have taken are putting my card into monitor mode then opening Wireshark and ...
0
votes
0
answers
395
views
Why does wireshark say invalid key format?
Upon trying to enter wpa-pwd or wpa-psk, wireshark says "invalid key format" before I even begin to enter the password/key. Am I not entering it into wireshark the right way?
1
vote
1
answer
775
views
How does 802.11a,b,g,n,ac and channel factor into sniffing with wireshark?
I have been playing around with wireshark lately and am wondering how your 802.11 version as well as channel impact packet capture? If my router uses 802.11a,g,n and ac and my wifi adapter uses 802....
0
votes
1
answer
41
views
Host seemingly isolated from other hosts on my network
I came across a weird issue an I need help to locate the problem or at least reduce the search area. I'll give a general insight but I can provide details on request.
I have an HP laptop which runs ...
0
votes
1
answer
337
views
How can I monitor a wi-fi device communication like monitoring an Ethernet-linked device using port-mirroring switch and WireShark?
In an Ethernet network, it's well-known to connect devices with a port-mirroring switch and then watch communication among devices using WireShark. Before WireShark can capture packets from other ...
1
vote
0
answers
395
views
How do I capture non-local packets using WireShark on MacOS?
This is a pretty simple question.
I'm trying to use WireShark to capture packets using my MacBook Pro 2019. Every time I run a capture on en0 (my Wi-Fi interface), all I am seeing is packets directed ...
8
votes
1
answer
3k
views
Why, if I am connected via Wi-Fi and send a packet to another device in the same Wi-Fi, the dest MAC address in the link layer is not the AP's?
In the IEEE 802.11 protocol, in the link frame, the second address is the sender MAC address, and the first address is the receiver MAC address, which is the AP address if the sender is a station, and ...
0
votes
1
answer
3k
views
How to read mDNS response so I can parse it?
I know nmap has mDNS service discovery script but it wasn't helpful in my case as it doesn't include the correct service names.
So I want to parse the following response as caught in wireshark, any ...