Hi all, Im having problems with setting up my wireshark correctly. It works on my machine and i can see all packets that are sent/received. But when i try to filter via ip.addr == xx.xx.xxx.xxx, for example, it doesn't work. All i am able to see on the wireshark is a few hits from dropbox and i know the machine that im trying to 'sniff' is on the internet and surfing as its right next to me. I have tired the same concept with iPhones on the same network. I am trying to do this wirelessly, not sure if this has any relevance and all the other interfaces that i am trying to sniff are wirelessly connected too. Help would be greatly appreciated Thanks Nicky asked 05 Oct '11, 02:05  Gengisnicky31 |
One Answer:
If using wireless on windows with builtin wireless adapter -> forget it. If using wireless on linux -> search for "wireless" in this Q&A and read the top posts, there are detailed answers answered 05 Oct '11, 08:06  Landi edited 05 Oct '11, 08:07 Im using Apple Mac OS X 10.6.8, how does this change things now?... (06 Oct '11, 15:50) Gengisnicky31 Go with the top posts for wireless data capture and try the hints listed there in detail. If that does not provide you with results, please edit your question and precisely describe which steps are not working. (07 Oct '11, 01:29) Landi |
Are you trying to filter packets while they're being captured, so that packets neither to nor from xx.xx.xxx.xxx are discarded and aren't in the capture, or are you trying to filter packets after they're captured?