A new user of wireshark here. I use Wireshark on Kali Linux- I have one network adapter and a wireless usb adapter- Alfa Network. I am able to enable the alfa card for monitor mode. It is a card that is capable of monitoring and injection. However, when I select the capture interface on Wireshark as mon0 or wlan0, it captures the broadcast traffic that other wireless network is sending( not quite sure what the right term here is). I have a laptop using the wifi network as well as my mobile phone but could not capture any related traffic such as http or post. What am I doing wrong here? Should I not use my ethernet during this? I am running as root (although I know it is advise against it). Will running as root causes issues for capture?- Please help/advice. Really appreciate it! asked 06 Nov '13, 06:48  gurushiva |
One Answer:
see my answer to a similar question. Did you follow those steps? Regards answered 07 Nov '13, 01:59  Kurt Knochner ♦ |
Yes, I have been able to airmon-ng wlan0. I notice that if I am connected by the ethernet- I cannot use wlan0 just for capturing. I think i have misunderstood the concept here. If Im connected using wireless connection- all works well (I have yet to do more tests on the packets). However, if I am using a wired connection, I cannot use just use wlan0 for capturing. Assuming this is how the whole concept works, yes?. Please advice. Thank you.
I'm not sure what you mean by this, however: if you capture on wlan0 you will only see your own wifi/wlan traffic. If you capture on mon0 you should see traffic of other clients as well, that communicate on the same wifi/wlan channel.
What I meant- Can I be using a wired connection to have myself connected to the Internet but at the same time- use wlan0/mon0 to monitor clients using my wifi?- Thank you