1
1
Even a few days ago everything was fine, but now simply I can't capture and see tcp, http, etc. wifi traffic but only the traffic for the protocols 802.11 and LLC. I used different wifi spots previously as well as now: none of them was changed somehow, there was no password added to them. What was changed is most probably the setting of wireshark but I really can't find out what exactly: I've tryied mix them up but there was no luck.
Also, when I start capturing the traffic in monitoring mode, I get disconnected after about 30 seconds and can't connect again until I turn off and turn on the WiFi card again. Although it seems a standard behaviour (I read about it), a few days ago it didn't occur at all.
What I can see in wireshark is only my local traffic. A checkbox Enable decryption is checked at settings->protocols->ieee 802.11.
What did change, how to get it back? Maybe I did something with my WiFi interface?
P.S. Yes, I saw the tutorial at wireshark website and Capturing wireless traffic (using Wireshark)
What sort of access points are you connecting to? Are the APs you control and own or do they belong to someone else? If they are APs you own and control and have a legitimate reason to be sniffing, and nothing changed on them, then something changed on your computer. – music2myear – 2013-10-01T17:42:04.460
@music2myear, that's what I said. – アレックス – 2013-10-02T00:53:06.963