John,
This will probably be frowned upon but I found using the "hacking" tool
Cain & Abel to perform an ARP Spoof attack against the device on my
network that I wanted to watch allowed me to see the traffic (as after
all I no longer needed promiscuous if the traffic was actually being
sent to me). Effectively the iPod thinks you are the router, so the
traffic is sent via your PC instead of directly to the real router.
This obviously has legal implications if you are doing this on anyone
else's network (and/or with anyone else's devices) other than your own!
The other alternative is to plug in a wireless access point or router
into your computers' wired LAN port, tell the device to connect to that
and sniff that instead. I used Windows XPs' "Network Bridge"
functionality to join the Wired LAN port and my real wireless
Internet/Network connection together. On a Netgear router I fell fowl of
a bug in the device (http://support.microsoft.com/kb/303743), so had to
assign static IPs. Same legal caveats apply.
These are terrible workarounds but... work..
I also would not under-estimate how easy it is to boot a Linux LiveCD
and use Wireshark on it. It really is just a case of burning it, popping
it in your drive and rebooting (and usually that is all it takes!). It
will leave your Windows installation alone and a simple reboot returns
you back to your familiar Windows desktop. Trace files can be saved to a
USB stick.
Hope this helps,
Matthew
On 24/01/2012 21:35, Kevin Cullimore wrote:
> On 1/20/2012 1:41 AM, Guy Harris wrote:
>> On Jan 19, 2012, at 5:01 PM, John S wrote:
>>
>>> after reading the wireless capture setup, I think the problem is
>>> that I'm running Wireshark on Windows XP and this apparently doesn't
>>> work well when sniffing other machine's traffic in a wireless
>>> network environment.
>>>
>>> Has anyone found a way to do this?
> Sometimes, an extra word or two can greatly enhance the focus of a
> given question:
>
> "Has anyone found a FREE/trivially-inexpensive way to do this?"
