This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello,

I use Wireshark in Kali Linux, I've been having some problems viewing traffic of other computers inside of my own WPA encrypted network. I've added the WPA password, collected the EAPOL 4-Way handshake, as well as having the card in promiscuous mode. I can view DNS/ARP, SSDP (I'm unsure as to what this is), EAPoL, and HTTP NOTIFY (Not POST or GET). If I switch to monitor mode via either the settings or with an airmon-ng command, I can only see beacon packets from surrounding networks (lots of them). I have tried setting http.request.method == GET and have tried http.request.method == POST after doing a lot of internet usage on another laptop as well as the one with Wireshark running, with no packets of these types found. Because I still find packets with text (Not just encrypted jargon), I'm not sure if it's decrypting, or what could be happening under the hood. Are there any parameters I didn't explain in this question? Am I doing something wrong? Thank you for any help!

asked 26 Feb '14, 20:07

Sypheren's gravatar image

Sypheren
1111
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×293
×73
×36
×23
×19

question asked: 26 Feb '14, 20:07

question was seen: 1,697 times

last updated: 26 Feb '14, 20:07

p​o​w​e​r​e​d by O​S​Q​A