I can easily capture packets from my own laptop. However, I am facing some issues when trying to capture packets (my target is HTTP Protocol) for others who are in my network and in the same network address range. I read on some forums that I need to listen to a common denominator that these networks pass by and get their data to/from and the most logical place for that is the router, because all of them and me are connected to it and it is the point of server for all of us. It does both routing and switching. However, whenever I point and filter the traffic that is coming and going through the router using ip.addr == 192.168.1.1 (which is the address of the router) I can not see anything. What am I missing and how is possible to sniff packets in and out of other IP addresses in the same network as mine? asked 02 Dec '15, 04:26  tonysoprano |
One Answer:
You're likely running in a switched network, where the router is the switch. A switch ordinarily does not reflect traffic between two ports to another port, hence you can't see traffic between other devices on your switch port. See the Wiki page on Ethernet capture setup, in particular the information about switched networks. The page has some solutions to your capture issues. answered 02 Dec '15, 04:46  grahamb ♦ |
