How do I enable promiscuous mode in Wireshark?

How do you enable promiscuous mode?

The easiest way is to load the b43 driver in your kernel.

sudo modprobe b43. Sudo modprobe ssb. You'll want the latter one for USB use, the former one for built-in Ethernet. If you don't have the latter one loaded, then you can always manually load it, as per their instructions here. I found this out by reading some old threads. I think the answer was there somewhere. Anyway, it seems to be an option with either b43 or firmware-b43-installer.

There are two different options: promiscuous=Y: This will enable promiscuous mode (so you can see what is going on in the network). Promiscuous=N: This will disable promiscuous mode (so other machines on the LAN don't have to worry about you sending out packets that might contain their data).

Why is my Wireshark not capturing anything?

I've recently started using Wireshark to capture data from a wireless lan network.

I'm using a dongle connected directly to the computer running Wireshark.

This is what I have, and so far it's not capturing anything. I have a dongle running Windows 8 Pro 64-bit connected to my laptop, which is running Windows 7 Home 32-bit. I have Wireshark installed on both the Windows 7 Home machine and the Windows 8 Pro machine. I'm using the latest version of Wireshark (2.0).

The computer running Wireshark is using the WLAN driver supplied by the computer manufacturer (as shown by Device Manager). The driver seems to be loaded correctly (Device Manager shows it as "Ralink(R) Wireless 802.11n PCI), but it's not working at all.

When I run the Wireshark executable, I'm not even given a chance to enter the username and password for my wireless network. Has anyone else had any luck capturing wireless traffic? I'm trying to sniff out the handshake of the encryption protocol used in my wireless network. Thanks. Eric. EDIT: In response to the comments below, I tried switching to Wireshark as a Live Capture only. In other words, I enabled the live capture window to show up, but did not run Wireshark as a capture. Then I changed the live capture type to "All interfaces", as shown below, but the Capture window still showed no packets.

If I enable the live capture window, change the Capture window type to All Interfaces, then change it to Show all data (which is the default), I can see that there are lots of packets being sent from the wireless interface, as shown below. I see that some of these packets are getting through, but Wireshark is not showing them.

EDIT 2: I tried re-enabling the live capture window, then enabling the live capture window to show all data. Still not seeing any data.

EDIT 3: It seems like you can't capture data from the wireless interface. I tried this by using wireshark with the Windows 7 Home Edition 32-bit operating system.

How do I enable promiscuous mode in Wireshark?

How do I know whether to open or closed mode?

And how do I enable promiscuous mode for the specified interface?
The promiscuous switch has a default behavior which can be changed. By default the promiscuous mode is set as Open (TCP). In case it is necessary for your program to get packets also from broadcast frames, change the parameter to Closed (UDP) (the default).

If it is necessary for your application to get both TCP and UDP packets from both the interfaces (including broadcast frames), then the parameter should be set to Promiscuous (TCP and UDP). Also, you can choose any kind of listening mode: Listening on a specific interface (default): Wireshark only listens on a specific interface. Listening on all interfaces: Wireshark listens on all interfaces. Listening on a specific IP address: Wireshark listens on the specified IP address. Listening on all IP addresses: Wireshark listens on all IP addresses. Listening on a network subnet: Wireshark listens on the network subnet.

Related Answers

How do I turn on promiscuous mode in Wireshark?

This is a common question that...

How to analyse Wireshark traffic?

What is the difference between Protocol and Application? How do I f...

Is there a Wireshark for Mac?

(I'm on OS X 10.6.8) After using it for a while, now my question is no...