This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

WIRELESS ADAPTER IS NOT DETECTED//Unable to capture wireless(802.11 packets)

0

OS: WIN7 HOME PREMIUM CPU: INTEL CORE I5-450M Memory: 500 GB HDD 4 GB DDR3 MEMORY

Adapter: ATHEROS AR5B97

Problem Title: ///WIRELESS ADAPTER IS NOT DETECTED///unable to capture 802.11 packets///

Problem Description:

Dear Sir/Madam

I am with Cisco systems and evaluating the demo version of wildpackets packet capture tool on Windows 7 home premium OS. I am unable to edit the channel number in the 802..11 tab. I also do not see any 802..11 packets.

Can you please help? i am trying to capture on a Acer laptop with Atheros chip. Th laptop is connected wirelessly to the Access Point when I try to capture the log

Regards Kiran

This question is marked "community wiki".

asked 17 Apr '11, 21:34

KIRANBISWAL's gravatar image

KIRANBISWAL
1111
accept rate: 0%


One Answer:

0

On a machine running Windows, to capture anything other than packets to and from your host with Wireshark on an 802.11 network, or to capture on a channel other than the channel for the network with which you're associated, you will have to get an AirPcap adapter.

answered 17 Apr '11, 22:06

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

Hello Guy. thanks for responding. So are you saying wireshark can capture the packets to and from my host? the wireless adapter is not detected at all.

Does the linux version of wireleshark work any differently?

How can I capture a log in promiscuous mode where my wireless adapter will not actively connect withh any AP but capture packets by listening on specific channel?

I used Ethereal before, is Wireshark completely different?

Thanks for your help

Kiran

(17 Apr '11, 23:47) KIRANBISWAL

I'm saying Wireshark can, at least for some wireless adapters, capture traffic to and from your host; I don't know which adapters WinPcap recognizes, or why it doesn't recognize all adapters.

The Linux (and *BSD and Mac OS X) versions of Wireshark work very differently. If you have Wireshark 1.4.0 or later, and libpcap 1.0.0 or later, and Wireshark was built with that version of libpcap, it will have a check box for monitor mode. Otherwise, you'll have to put the adapter into monitor mode yourself, but you'll still be able to use it from Wireshark.

(18 Apr '11, 00:33) Guy Harris ♦♦

The capture mode you're talking about is monitor mode, not promiscuous mode. WinPcap, and thus Wireshark, don't support monitor mode on Windows. Libpcap 1.0.0 and later, as noted, support monitor mode on Linux, *BSD, and Mac OS X; earlier versions don't support it directly, but if you can put the adapter into monitor mode yourself (which you can't do on Windows) Wireshark can use it.

(18 Apr '11, 00:34) Guy Harris ♦♦

"Wireshark" is just the name the program has in version 0.99.2; before that, it was called "Ethereal". The direct support of monitor mode was added in 1.4.0, so the versions called "Ethereal" didn't have that. They, and versions prior to 1.4.0 called "Wireshark", can capture in monitor mode if you put the adapter in monitor mode.

(18 Apr '11, 00:37) Guy Harris ♦♦