4/27/2023 0 Comments Wireshark monitor mode![]() ![]() For Windows, this is almost impossible with the built-in adapter. You need specific hardware, and custom drivers, that allow the NIC to use this mode. The most common use-case for monitor-mode is to perform wireless packet captures. You can then review the data in your chosen packet analysis software and dig in to potentially discover the reason for the problem your device is experiencing. The purpose of a packet capture is to "capture" all the data transpiring during the error you are troubleshooting. That may be fine if you are looking to troubleshoot something in the network, for YOUR device, but not so much if you are trying to troubleshoot a WIRELESS/802.11 problem in the AIR.Įverything I've highlighted so far is related to what we call wireless PACKET CAPTURE. This would include things like DHCP, IP addresses, DNS, webpages, etc. ![]() When you are associated/connected to a WLAN, all you can see are the upper layer data flow. Monitor-mode allows the wireless NIC to listen to a specific channel, a set of channels, or ALL the channels in 2.4/5GHz.Īlso, if you cannot place your NIC into monitor-mode you cannot see wireless frames. It requires the ability to manipulate the wireless driver to set the NIC into this mode. This mode is often not simple to achieve. Monitor-mode, or "RF" monitor-mode implies you are not associated/connected to the WLAN, so you are DISCONNECTED, but you are LISTENING, or "monitoring". This is how most people experience Wi-Fi - associated to an AP, doing whatever it is they are doing - watching Netflix, sending an e-mail, upload a file to a server, etc. When a device is associated it can transmit/receive data through the AP. Connected is exactly what it sounds like - the NIC is connected, or in 802.11 parlance, "Associated", to an access point. There are two modes a wireless NIC can be in - connected/disconnected, and monitor-mode. In this article I'll dive in a little deeper to give some insight on what packet captures and RF Monitor-Mode are, are and what they can reveal. In a previous article I did a high-level overview of what wireless site surveys are and what they are used for. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |