Wireshark-users: Re: [Wireshark-users] Wireless Capture
From: Kevin Cullimore <kcullimo@xxxxxxxxxx>
Date: Wed, 04 Apr 2012 02:30:42 -0400
On 4/3/2012 9:40 PM, Guy Harris wrote:
On Apr 3, 2012, at 7:30 PM, Barry Constantine wrote:

Besides AirPcap, are there other ways to capture promiscuously on a wireless network and to capture the WiFi physical layer information?
Yes:

	1) run Linux;

	2) run *BSD;

	3) run OS X;

	4) if you're stuck running Windows, do your capture with another application, such as Microsoft Network Monitor:

		http://www.microsoft.com/download/en/details.aspx?id=4865
It's not clear that this option satisfies the "capture the WiFi physical layer information" requirement.

	if you're running Vista or later and have a Wi-Fi adapter with an NDIS 6 river that supports Native Wi-Fi, or TamoSoft CommView for Wi-Fi:

		http://www.tamos.com/products/commwifi/

	   if you have a compatible Wi-Fi adapter and supported Windows version:

		http://www.tamos.com/products/commwifi/adapterlist.php

	   and possibly read those files into Wireshark;

	5) if you're stuck running Windows, and it's Vista or later, and want to capture with Wireshark (or WinDump or any other WinPcap-based application), modify WinPcap so that, on Windows Vista and later, it's an NDIS 6 driver and uses the Native Wi-Fi mechanism (and the monitor mode APIs from libpcap 1.0 and later, which means upgrading WinDump's underlying libpcap version to 1.0 or later).  (Contribute the changes to the WinPcap developers if you don't want to continue supporting them yourself.)

___________________________________________________________________________
Sent via:    Wireshark-users mailing list<wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe