Ask Your Question
0

Wireshark not displaying packets on my LAN for iPhone

asked 2021-09-14 20:19:47 +0000

marc9889 gravatar image

Hi, new user, but experienced in the industry.

Wireshark doesn't appear to be capturing packets of iphones on my LAN. I obtained the ip address of my iPhone on my LAN (192.168.0.200). Next, I ran (as administrator) Wireshark. I then selected Wi-Fi as the interface, and Wireshark started capturing packets. I added the display filter "ip.addr==192.168.0.200" in the display filter and clicked the arrow at the far right of the display filter text box to implement the filter. No traffic is detected. I tried an ip address of a different phone, still no traffic. I updated the ip address again to a different wireless device, and traffic was recorded. What am I not doing right?

edit retag flag offensive close merge delete

Comments

How is the capture setup? Are you capturing traffic between the AP and your computer or all Wi-Fi traffic?

BigFatCat gravatar imageBigFatCat ( 2021-09-15 07:33:47 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-09-15 02:45:32 +0000

Guy Harris gravatar image

If you're capturing in monitor mode, then, if you're on a "protected" network (with WEP or WPA encryption), the packets are encrypted, and you'll have to provide a password and may need to arrange to capture the packet sequence sent when your phone joins the network. See the "How to decrypt 802.11" page in the Wireshark Wiki.

If you're not capturing in monitor mode, you won't see any traffic other than traffic going to and from the host running Wireshark.

(These apply to all Wi-Fi sniffers, not just Wireshark, although not all of them support decrypting packets.)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2021-09-14 20:19:47 +0000

Seen: 2,614 times

Last updated: Sep 15 '21