Ask Your Question
0

How to capture traffic of my smartphones?

asked 2018-12-27 22:49:20 +0000

stripdraw gravatar image

Hello, I have two smartphones, which are connected to my access point. I'd like to collect the traffic from the smartphones to monitor what data is sent from these smartphones. However, my network card is on promiscuous mode but when I run Wireshark I can not find the traffic from the devices. How can I collect the data of these smartphones? Thanks!

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-12-28 19:57:34 +0000

Bob Jones gravatar image

If you can, focus on wired capture of the wifi devices as it is usually easier. Some setup instructions to get you started are here.

If you really need over the air (ota) capture of the devices, there is a setup page in the Wireshark wiki. Really depends on the problem as to what you need; in any event, I always start with wired captures of communications of wireless devices if at all possible to scope the problem. Only then do I progress to OTA captures if the need arises.

You may need special equipment in either case. For wired, you may need to force the phone's traffic onto a single network link and capture traffic from it through a tap, mirror port, etc. This may require changing the network configuration, the network hardware, or both, to accommodate. This doesn't have to be expensive, but it may be equipment you don't have and might need to procure.

For WiFi, you may need OSs and adapters that support monitor mode and promiscuous mode.

Just setting promiscuous mode on an interface on a typical interface/typical network will usually not produce meaningful data as the infrastructure is filtering what data is sent where and has to be configured to provide it to a place where you can capture it. In this case, you are probably using a network switch which provide filtering of unicast (at a minimum) data traffic by way of MAC addresses so you are only seeing the host;s unicast traffic, and then subnet multicast and broadcast. But what you likely want is unicast traffic from the phones, and that's where all of this comes into play.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-12-27 22:49:20 +0000

Seen: 5,755 times

Last updated: Dec 28 '18