This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Can some one tell me if this software is for capturing all the data that goes through my wireless router? If it is, where I could find the instructions to set it up or if it is not, what software could I use to accomplish this? We connect couples Ipads, an Iphone and note3, one laptop and a desktop. I want to be able to capture all the data(websites browsed, email content, facebook, whatsapp messages, etc... Thanks.

asked 10 May '15, 15:20

cubilla1506's gravatar image

cubilla1506
6112
accept rate: 0%


The simple answer is yes, Wireshark can capture the data going through a wireless router. If you are interested in capturing over the air (i.e., using a separate laptop/PC to capture WiFi packets) then please read the following Wiki: https://wiki.wireshark.org/CaptureSetup/WLAN

Some wireless routers allow users to capture directly from the router using tcpdump or some other tool. If you do not want to capture over the air, then you might want to investigate this option.

permanent link

answered 10 May '15, 17:31

Amato_C's gravatar image

Amato_C
1.1k142032
accept rate: 14%

I think Wireshark's role is better described as an analyzer of captured data. When it comes to actually capturing packets, usually the main challenge is in getting your system to 'see' the packets you're trying to capture (eg: for your wireless router, the challenge is to get all the packets the router sees in one place where you can perform a capture). Once you have a system that is receiving all the packets you want to capture, many tools (tcpdump, snoop, dumpcap) can do the actual capture itself. The power of Wireshark lies in its ability to help analyze the packets once they are captured.

In fact, Wireshark itself doesn't really capture packets at all. Rather, it calls on dumpcap behind the scenes when you perform captures in the GUI.

So, for the task at hand I wouldn't start by asking about wireshark. Rather, start with what is fundamentally a network question (how do I get a system capable of capturing packets in a position in the network where it can receive all the packets that I want to capture).

There are many solutions for that task depending on the network. As mentioned if you have a Wifi router that supports native packet captures, that's one way. Another is "SPAN" ports, or "port mirroring", where a switch will forward all the packets it sees from one or more ports and forward them on to another port (as a "mirror" port) so that a system running Wireshark can capture the packets and analyze them.

permanent link

answered 10 May '15, 19:25

Quadratic's gravatar image

Quadratic
1.9k6928
accept rate: 13%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×549
×122

question asked: 10 May '15, 15:20

question was seen: 1,889 times

last updated: 10 May '15, 19:25

p​o​w​e​r​e​d by O​S​Q​A