This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark not seeing any packets on other devices on my MacBook Air

0

Running wireshark for the first time. In capture interfaces, I see en0, p2p0 and lo0. I select en0 and it doesn't show any packets from any other devices connected to the network.

I feel like a missed a step. Any ideas? Thanks!

asked 11 Jan '13, 17:29

James%20Hess's gravatar image

James Hess
1112
accept rate: 0%

edited 13 Jan '13, 00:21

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

2 Answers:

1

If this is on a MacBook Air, en0 is the 802.11 interface (OS X gives 802.11 interfaces enN names). If so, then you would need to run in monitor mode to capture traffic from other adapters, and even then, if you're on a WEP or WPA/WPA2-protected network, you'll have to configure Wireshark to decrypt those packets, and for WPA/WPA2, that means you'll have to capture the initial traffic from those other devices, i.e. start capturing before they connect to the network.

answered 13 Jan '13, 00:23

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

0

We're living in a switched world where packets are generally sent specifically to each host and not to all hosts on the network (the old hub days). Have a look at:

answered 12 Jan '13, 02:19

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%