So here is my setup - Desktop booting a live version of Kali from a USB drive -

Question

So here is my setup

- Desktop booting a live version of Kali from a USB drive

- The standard distro of wireshark that comes with Kali

- A Ralink RT-3070L High gain antenna

- My home network as a sandbox.

When I run wireshark (with my antenna in promiscuous mode) I only see a very small amount of packets from other machines.

I see everything from the machine I am on and I see some things coming from the router.

From my understanding this is indicative of running in Monitor mode. However, that's not what the settings are telling me and I know for a fact this antenna can work in promiscuous mode. Am I missing something?

Explanation / Answer

Put your Wifi card in monitor mode by doing something similar to airmon-ng start wlan0. Then run Wireshark on that interface. You should be able to see some packets other than those meant for your desktop. However when you put it in monitor mode it constantly keeps hopping over the various channels. It'll only capture packets on the channel it is currently on. Hence if all your devices are on different channels, it'll be difficult to monitor all the packets in the air. You can have your access point to use only a specific channel, put the Wifi card on that specific channel(look at airmon-ng options), then sniff with Wireshark on that interface.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.