Wireshark-users: Re: [Wireshark-users] Unable to capture wireless traffic

From: Cae Sium <caesium5@xxxxxxxxx>
Date: Mon, 29 Mar 2010 06:25:45 +0800
As learned from here http://wiki.wireshark.org/HowToDecrypt802.11

Edit -> Preferences->Protocol->IEEE802.11->Enable Encryption->Key

I've added the wpa2 keys into the section of wireshark as required but
still got the same output.

Somehow I am not receiving the direct reply to the post, only
receiving the reply through the daily digest.

--- On Sat, 3/27/10, Frank Barta <fbarta@xxxxxxxxx> wrote:

From: Frank Barta <fbarta@xxxxxxxxx>
Subject: Re: [Wireshark-users] Unable to capture wireless traffic
To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
Date: Saturday, March 27, 2010, 8:10 PM

You will only see the TCP traffic if it is not encrypted. since you
are encrypting with wpa2 you are going to need to decrypt that traffic
to see the real encapsulated layer 3 packet.

On Sun, Mar 28, 2010 at 8:01 AM, Cae Sium <caesium5@xxxxxxxxx> wrote:
> Sorry to re-post as I've accidentally used my friend's email to post earlier.
> Using Debian and trying to learn wireshark and have been
> trying/reading for weeks without success.
> Using Netbook and Desktop connected to the same router with wpa2.
> Wireshark on netbook works when monitoring its own traffic (of course).
> Netbook installed with wireshark and desktop set downloading a large
> file to ensure traffic is there. However, wireshark does not picks up
> TCP protocol , it only reports IEEE802.11 under the protocol column.
> What have I done wrong?
> Appreciate any help.