This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi all,

I'm working on my project and it requires me to capture traffic on a network. below is the description of the scenario:

I'm running wire-shark on a Kali Linux virtual machine installed on a mac air laptop.

I want to capture the traffic on the router network using the wire-shark installed on the kali linux.

current i only receive DNS, ARP, ICMP Traffic. I do need help to achieve the following

  1. How can i set the network on a monitor mode.
  2. how do i successful capture tcp traffic and other relevant traffic.

Thanks

asked 13 Jan '17, 12:13

edafe's gravatar image

edafe
6112
accept rate: 0%


permanent link

answered 13 Jan '17, 12:27

Amato_C's gravatar image

Amato_C
1.1k142032
accept rate: 14%

You really can't set monitor mode with your current setup. If you are on a VM, as you describe, all interfaces are virtual and further 'wired'. So @Amato's links are certainly appropriate, especially the wired one. If you want wireless traffic, you need direct access to the wireless hardware which does not really come through a VM (in general).

Why not capture on the MAC directly? If you use @Amato's wireless link, you will find the MAC will go into monitor mode nicely and pick up lots of wireless frames. It's actually a great tool for wireless traffic capture.

Alternatively, add a USB wifi adapter and pass the USB into the VM and then you could have Linux put the device into monitor mode, etc.

Also if you just need the network traffic for some purpose, wired traffic capture is much easier.

permanent link

answered 13 Jan '17, 14:31

Bob%20Jones's gravatar image

Bob Jones
1.0k2515
accept rate: 21%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×752
×549
×293
×166
×115

question asked: 13 Jan '17, 12:13

question was seen: 38,919 times

last updated: 13 Jan '17, 14:31

p​o​w​e​r​e​d by O​S​Q​A