Hi all, I'm working on my project and it requires me to capture traffic on a network. below is the description of the scenario: I'm running wire-shark on a Kali Linux virtual machine installed on a mac air laptop. I want to capture the traffic on the router network using the wire-shark installed on the kali linux. current i only receive DNS, ARP, ICMP Traffic. I do need help to achieve the following
Thanks asked 13 Jan '17, 12:13 edafe |
2 Answers:
Read the following: Wired Ethernet = https://wiki.wireshark.org/CaptureSetup/Ethernet answered 13 Jan '17, 12:27 Amato_C |
You really can't set monitor mode with your current setup. If you are on a VM, as you describe, all interfaces are virtual and further 'wired'. So @Amato's links are certainly appropriate, especially the wired one. If you want wireless traffic, you need direct access to the wireless hardware which does not really come through a VM (in general). Why not capture on the MAC directly? If you use @Amato's wireless link, you will find the MAC will go into monitor mode nicely and pick up lots of wireless frames. It's actually a great tool for wireless traffic capture. Alternatively, add a USB wifi adapter and pass the USB into the VM and then you could have Linux put the device into monitor mode, etc. Also if you just need the network traffic for some purpose, wired traffic capture is much easier. answered 13 Jan '17, 14:31 Bob Jones |