Wireshark-users: [Wireshark-users] 802.11 Monitor Mode Malformed Packets
I am trying to sniff wireless traffic on my wireless network and an running into an issue with malformed packets. When I am sniffing the interface in managed mode I see traffic coming through correctly with no problems, however when I switch to monitored mode almost everything comes through as a malformed packet.
The network in question is 802.11G WPA encrypted. In managed mode I don't need to enable decryption in Wireshark (I assume because that is handled by wpa_supplicant before it gets to Wireshark), however in monitor mode decryption doesn't appear to do anything, I'm assuming due to the malformed packets, although the eapol packets are all there and appear to be well formed.
I have turned off encryption and I get nice normal traffic under monitor mode, it's only with WPA enabled that I get the malformed packets.
Any ideas? For reference I am running Wireshark 1.0.7 on Ubuntu 9.04 using a Intel Corporation PRO/Wireless 5100 AGN [Shiloh] Network Connection.
Thanks,
Seoras.
