This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireless Adaptor not seen by Wireshark

0

Hello, I just wanted to install Wireshark on on laptop. Here's the setup:

Compaq R3000

Win7 Ultimate

Broadcom 802.11g Network Adaptor

Driver Version 4.176.75.21

Wireshark Version 1.4.1

So then I install the wireshark, and the wireless adapter is not shown as an option, can anyone help me out with why this wireless adapter is not showing up?

asked 05 Nov '10, 19:52

shark_f00's gravatar image

shark_f00
1112
accept rate: 0%

edited 05 Nov '10, 19:54


3 Answers:

2

Assuming you don't have an Ethernet cable plugged into your system, select Capture > Interfaces. Now go browse a site using your WLAN connection. Return to your Capture Interfaces window. Do you see that any of your adadpters has seen packets? If so, there's your WLAN card.

You can rename the card for easier identification later. Go to Edit > Preferences > Capture > Interfaces:Edit and put in a comment like Native Wireless. When you look at Capture > Interfaces again, you'll see the new name.

answered 06 Nov '10, 19:35

lchappell's gravatar image

lchappell ♦
1.2k2730
accept rate: 8%

0

From a mailinglist post from Gianluca Varenni back in 2008:

starting from Vista, wireless drivers can be old style (NDIS 5.x) working exactly like in Windows 2000/XP, or native Wifi drivers (NDIS6). In this case the driver is lightweight and delivers 802.11 frames to an intermediate driver (developed by MS) that converts 802.11 frames into cooked 802.3 frames that can be managed by the upper protocols like the TCP/IP stack. This intermediate driver is also responsible for managing association/disassociation, BSSID scans and such. And this intermediate driver is also responsible for filtering the requests coming from the upper protocols (like WinPcap) for the underlying device description, and always returning "Microsoft" instead of e.g. "Intel Wireless 4965 Adapter".

I haven't looked if there is a possible workaround to the problem, yet.

Do you have an adapter named "Microsoft"? If so, that is most likely your Wireless adapter.

answered 06 Nov '10, 03:24

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

0

The Problem with wireless adapters under Windows OS is, that although you might see your Wireless Card (under Vista/7 often labelled "Microsoft") under capture interfaces - you can only see traffic traversing your wireless card.

That means you have to be connected via an Access Point before you see any packets in Wireshark at your wireless capture interface. If you are only interested in monitoring your own traffic, first connect to an AP and then start Wireshark.

If you want to capture the "real" wireless traffic - that means including 802.11 frames for example for probe requests / responses and authentication details you have to have a capable wireless chipset and a driver supporting monitor mode. This is - like Laura already mentioned - done by AirPCAP from Cacetech for example.

If you like to test your wireless card for sniffing capabilities I recommend downloading a Linux Live CD or USB-Boot Version and running the aircrack-ng suite for testing. With airmon-ng and/or airodump-ng you can try to enable monitor mode for your wireless driver and capture "real" wireless 802.11 traffic for later analysis with wireshark.

answered 09 Nov '10, 04:44

Landi's gravatar image

Landi
2.3k51442
accept rate: 28%

Hello, I think with you if you say that windows is verry restricted in terms of snifing becose they dislike hackers.

So I confirm this information and I will try with scientific linux but I am a beginer in Linux environement.

I will tell you if I reach my purpose which is snifing in promiscuous mode. Before begining I think also that some packages are required like winpcap and tcpdump and others.

Thank you and see you

(01 Aug '12, 10:31) red1_wireshark

Hello, I think with you if you say that windows is verry restricted in terms of snifing becose they dislike hackers.

The problem with windows is not so much their fear of hackers. It's more the lack of proper system design ;-))

Before begining I think also that some packages are required like winpcap and tcpdump and others.

You won't need WinPcap, as that's just the capturing framework for Windows.

I recommend Back Track instead of Scientific Linux, as Back Track already provides all tools you need.

(01 Aug '12, 10:36) Kurt Knochner ♦

That will be verry gentle if you can help me. So I have a Network card called: Realtek RTL8101E PCI-E 1N, it is a 300 Mbps card wich respects the Class B (this information is not important).

So what can I do to sniff all realy broadcasted packets even authentication ones and others with no needs for an access point.

Thanks, see you

(01 Aug '12, 11:05) red1_wireshark

The RTL8101E is a Fast Ethernet Controller. Why do you think it's a 300 Mbps card and how is that related to an access point (wifi/wlan)? Can you please add some detailed information about what you plan to do?

(01 Aug '12, 11:25) Kurt Knochner ♦

So forgot the realtek NIC because It doesn't accept promiscuous mode.

I have a USB Wireless NIC which is this one: http://www.webdistrib.com/cat/Carte-reseau-TP-LINK-TL-WN821N-Wireless-N-USB-Adapter-adaptateur-reseau-__p_813647.html?site=googlemerch&utm_source=googlemerch&utm_medium=shopbot&utm_campaign=googlemerchWebd&xtor=AL-2392744

So I search how to capture all traffic (sniff) I am in Linux environnement because it doesn't apear in wireshark in windows OS.

Thanks, see you

(01 Aug '12, 11:54) red1_wireshark

Hello,

My realy purpose is to capture traffic provided and sent by BOXES of my neighbours. So we are not in the same network I think. But I know that the traffic is broadcasted and I search how to sniff.

see you, and thank you

(01 Aug '12, 12:03) red1_wireshark

So I found some tuto about aircrack but it is not my purpose but I will try to download Ubunto and make it on VMwire and maybe I will sniff and I will explain in this tuto my steps in order that other persons will find the road more quickly.

see you,

(01 Aug '12, 14:19) red1_wireshark

My realy purpose is to capture traffic provided and sent by BOXES of my neighbours.

Sniffing (and cracking) the traffic of my neighbours is illegal in my country. How is the situation in your country?

(01 Aug '12, 16:34) Kurt Knochner ♦
showing 5 of 8 show 3 more comments