Linux Today: Linux News On Internet Time.

More on LinuxToday

How to: Sniff Wireless Packets with WireShark

Dec 17, 2008, 01:34 (0 Talkback[s])
(Other stories by Jim Geier)


Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers

"Before capturing packets, configure WireShark to interface with an 802.11 client device; otherwise, you'll get an alert "No capture interface selected!" when starting a packet capture. To select an interface, click the Capture menu, choose Options, and select the appropriate interface. Be certain to monitor the correct RF channel. For example, if the wireless network is set to channel 1 for the traffic you’re interested in, then configure WireShark to monitor channel 1. To do this, click the Capture menu, choose Options, and click Wireless Settings. The menu Advanced Wireless Settings will appear where you can change the channel.

"Consider filtering the packet capture to reduce clutter when analyzing packet traces. For example, you may be troubleshooting a particular client device connecting to the network. In this case, you can set a filter that excludes all packets except those associated with the IP address of the client you’re troubleshooting. To set a filter, click the Capture menu, choose Options, and click WireShark: Capture Filter will appear where you can set various filters."

Complete Story

Related Stories: