Hello,
I would like to know how could I read the information on the packets that I had captured. I''m new using this Whireshark, but this kind of things are kinda easy for my (I like to learn with this)... but I must be doing something wrong:
I use Wireshark to capture the packets with the wireless adapter that came with my pc (Dell Latitude 500, I think)
I prefer to not filter the capture, because I use to practice displaying filters with the saved captures while I'm on a plane, or a long trip.
Right now, I connect to an AP with WEP encryption (that means that I know the password, right?) and I want to see which websites are visiting the users of the wireless network or if it''s possible, to see if one of them is talking about me (one of them is a very very cute
girl!!!!) on MSN or anything...
When I filter the capture with http and ip.addr == 192.168.0.195 I'm able to see a lot of frames, but when I right click and follow TCP stream, I only see weird characters... I dont see something like http://www.ilikethisnetworkadmin.com
I dont want to crack any passwords or anything like that... I just want to know the kind of surfing that the users are doing!!! are these characters like that due to the WEP key? I check the Preferences and i checked the encyrption enabled, and I enter the key#1 that is 1111111111 (the one that I enter in the AP configuration). Do I need to write it down on wireshark like that or in HEX? How do I know if it's decrypting?
I hope I get an answer!!!!!
Cheers
