View Traffic In Real Time

Data that travels over the air and how to protect (or decipher) it

View Traffic In Real Time

Post by AnubisTheJackle on Wed Oct 13, 2010 10:03 pm
([msg=47486]see View Traffic In Real Time[/msg])

Ok, I'm sure there is a way to do this. I just can't figure it out.

What I want to do is view the capture file that I'm capturing using airodump-ng in real time. This is my own personal WPA-PSK TKIP connection. I have 2 laptops running on it at any given time, I'd like to be able to see what the OTHER laptop is doing in real time.

Is there any way to do this? I've attempted to use Wireshark, but it won't even pick up any wireless interfaces so that's a no-go. Currently I can view the data after the fact by running airdecap-ng and then loading the decapped file into Wireshark, but this isn't real time.
AnubisTheJackle
New User
New User
 
Posts: 21
Joined: Tue May 20, 2008 3:08 pm
Blog: View Blog (0)


Re: View Traffic In Real Time

Post by leroux-cifer on Wed Oct 13, 2010 11:55 pm
([msg=47498]see Re: View Traffic In Real Time[/msg])

Try using another wireless card/adapter. That may solve your problem. Otherwise, what you are trying to do is exactly what Wireshark with some ARP poisoning will do. Look into ARP poisoning here: http://www.watchguard.com/infocenter/editorial/135324.asp
"Quis custodiet ipsos custodes?" - Satires of Juvenal

Image
User avatar
leroux-cifer
New User
New User
 
Posts: 21
Joined: Mon Oct 04, 2010 6:21 am
Blog: View Blog (0)


Re: View Traffic In Real Time

Post by Goatboy on Thu Oct 14, 2010 2:52 am
([msg=47501]see Re: View Traffic In Real Time[/msg])

I'd use Wireshark in promiscuous mode, if your card supports it. If not, stick with ARP poisoning.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2816
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: View Traffic In Real Time

Post by leroux-cifer on Thu Oct 14, 2010 3:59 pm
([msg=47532]see Re: View Traffic In Real Time[/msg])

If I'm not mistaken, Wireshark usually defaults to promiscuous mode when capturing packets.
"Quis custodiet ipsos custodes?" - Satires of Juvenal

Image
User avatar
leroux-cifer
New User
New User
 
Posts: 21
Joined: Mon Oct 04, 2010 6:21 am
Blog: View Blog (0)


Re: View Traffic In Real Time

Post by AnubisTheJackle on Fri Oct 15, 2010 9:32 pm
([msg=47616]see Re: View Traffic In Real Time[/msg])

Thank you for the replies. I've not yet figured out how to get my interfaces working with Wireshark, I'm not sure if it's my card/USB adapter, or if it's my stupidity when I got wireshark. I'm still rather new to Linux, and actually managed to make it so Ubuntu won't load for me today, so I'm going to have to reinstall that partition. Oh well, every time I mess up, I learn what not to do next time.
AnubisTheJackle
New User
New User
 
Posts: 21
Joined: Tue May 20, 2008 3:08 pm
Blog: View Blog (0)


Re: View Traffic In Real Time

Post by insomaniacal on Sat Oct 16, 2010 4:28 pm
([msg=47651]see Re: View Traffic In Real Time[/msg])

I've done this with wireshark, but just a cautionary note, It'll look like mumbo-jumbo for the most part unless you filter out your results.

If you haven't already re-installed Linux however, I'd recommend trying to fix it rather than reinstall it. Doing that sort of thing really helps you learn, especially if you're new to a concept.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests