This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Cannot see TCP traffic

0

I have been using wireshark on ubuntu before, it was working correctly. Now I have installed Kali linux, and I cannot get wireshark to show TCP traffic. I did not set up an encryption key, I captured the eapol packages instead. All the 4 eapol packages are collected. On ubuntu wireshark could see the TCP traffic from that point. I am using the same wifi, as it is mine. In the preferences, I have enabled the encryption and played around a little with the "Ignore protection bit" option, but didn't help either.

Edit: I am using my wifi with WPA2-PSK encryption

What am I missing? I suspect I have set some option long ago I don't remember...

asked 09 Jun '15, 13:30

Regic's gravatar image

Regic
6113
accept rate: 0%

edited 09 Jun '15, 13:32

These might be silly questions, but I have to ask: 1. Are you able to decrypt the WiFi capture on another machine that is not running Kali (i.e., save the encrypted capture and open it on a Windows, Mac, or other Linux distribution machine)?

  1. Are you certain that your capture contains TCP traffic?

  2. Did you enter the correct SSID and passphrase? Sounds silly, but I have lost time because of a typographical error.

  3. Did you toggle the Wireless toolbar decryption menu from Wireshark to None and then back to Wireshark? I am not certain if Kali displays the wireless toolbars - most Linux distributions do not.

(10 Jun '15, 06:14) Amato_C