Can I collect wireless packets using Wireshark while being connected to the Internet via cable?

Solution 1

If you are not listening on the wireless network, you won't be able to see most of the traffic on that network. Most wired networks these days are switched, such that you will only see traffic that is either from your machine or to your machine (either because it's sent directly to your system or because it's broadcast traffic sent to all systems on the network).

If you want to capture traffic on the wireless network, you would likely be best using a tool dedicated to this task (e.g. Kismet Wireless or airodump-ng) along with an appropriate wireless adapter configured in monitor mode.

Solution 2

You can't sniff for the same reason you can't sniff the traffic of other users if you connect to a regular switch with a cable. The switch will forward packets only to ports where it knows the destination for the packet is, not to all ports (except when it does not know where the destination is).

Some more expensive switches have special ports to which all traffic is forwarded so that it can be sniffed (the Cisco term for such ports is SPAN), but I doubt that your home router has such a port.

For the same reasons you can't monitor other users' WiFi traffic if you are connected to the router with a cable. The router will simply not forward packets to your port if their destination address is not your PC.
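
The forwarding behaviour described in this answer, as an added example that is not part of the original answer: a simplified model of a MAC-learning switch with an optional mirror (SPAN-style) port, replayed over constructed traffic. The MAC addresses and the port names `lan1`, `wlan` and `cpu` are assumptions made for the illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed MAC addresses for the illustration.
PC, LAPTOP, PRINTER = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
GATEWAY = "02:00:00:00:00:fe"


class LearningSwitch:
    """Simplified MAC-learning switch with an optional mirror (SPAN-style) port."""

    def __init__(self, ports, mirror_port=None):
        self.ports = set(ports)
        self.mirror_port = mirror_port
        self.mac_table = {}  # learned MAC address -> port

    def forward(self, in_port, src, dst):
        """Learn the sender's port and return the set of egress ports."""
        self.mac_table[src] = in_port
        if dst == BROADCAST or dst not in self.mac_table:
            out = self.ports - {in_port}             # flood: broadcast or unknown destination
        else:
            out = {self.mac_table[dst]} - {in_port}  # known unicast: one port only
        if self.mirror_port not in (None, in_port):
            out = out | {self.mirror_port}           # mirror port gets a copy of every frame
        return out


# (label, ingress port, source MAC, destination MAC); constructed sample traffic.
FRAMES = [
    ("laptop ARP broadcast", "wlan", LAPTOP, BROADCAST),
    ("gateway ARP reply to laptop", "cpu", GATEWAY, LAPTOP),
    ("laptop web request", "wlan", LAPTOP, GATEWAY),
    ("gateway web response", "cpu", GATEWAY, LAPTOP),
    ("pc DNS query", "lan1", PC, GATEWAY),
    ("gateway DNS reply to pc", "cpu", GATEWAY, PC),
    ("laptop to unlearned printer", "wlan", LAPTOP, PRINTER),
]


def captured_on(port, mirror_port=None):
    """Replay FRAMES through a fresh switch; return labels a capture on `port` sees."""
    switch = LearningSwitch(["lan1", "wlan", "cpu"], mirror_port)
    seen = []
    for label, in_port, src, dst in FRAMES:
        egress = switch.forward(in_port, src, dst)  # always forward so the table learns
        if port == in_port or port in egress:
            seen.append(label)
    return seen


if __name__ == "__main__":
    print("plain switch port:", captured_on("lan1"))
    print("mirror port:      ", captured_on("lan1", mirror_port="lan1"))
```

On the plain port the wired PC sees only its own traffic, the broadcast, and the one frame flooded because its destination had not been learned yet; the laptop's unicast exchange with the gateway never reaches it.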

Solution 3

Given that this was originally asked on Information Security, rather than, say, Network Engineering, when you ask "Can I sniff the packets being sent to and from the wireless router even though I am connected through cable?", what you might really mean is "could somebody sniff the packets being sent to and from the wireless router...".

If so, then the answer is "yes"; if they're within radio range of the wireless router, and have a Wi-Fi adapter that they can put into monitor mode, they can sniff traffic on your network.

However, if the network is "protected", i.e. using WEP or WPA/WPA2, the traffic is encrypted, and they'll either need the network's password or software capable of cracking the packets to decrypt it. WEP is definitely crackable, so it's Equivalent Privacy to that of a Wired network only if the wired network to which it's being compared isn't hard to cut into and tap. :-) WPA and WPA2 are harder to crack.

If, however, you really were asking whether you could capture the traffic, the above applies. You're running an operating system that does let you put adapters into monitor mode. For various annoying reasons that I hope to have time to fix in libpcap at some point, it's not as easy as it should be (i.e., the checkbox in Wireshark and the -I flag in tcpdump and tshark don't necessarily work), but it can be done.

As for decrypting the packets, here's how to decrypt them in Wireshark. Note that for WPA/WPA2, you need to capture the initial EAPOL handshake for each station whose traffic you want to decrypt.

Solution 4

As far as I am aware there is no reason to send packets that would be delivered via WiFi anywhere on the physical connection; that would generate unnecessary traffic. That's probably why you aren't getting them. If you have a WiFi adapter on your PC you can use it to sniff WiFi traffic, no matter where you are plugged in.

Also, Wireshark, the way you are running it from your PC, usually only intercepts traffic that gets sent to your computer's NIC (Network Interface Card). So if you only have a wired connection it will only be able to capture those packets, but if you have a WiFi NIC then you will be able to see all the traffic.

Solution 5

No, you are not able to directly sniff the packets from the wireless interface on the wired interface. You may be able to, depending on your router, either monitor the traffic directly from the router itself, or by setting up a monitor port where all information the router receives is sent on to its destination as well as the monitor port. The monitor functionality is something usually found in managed switches but it is worth looking at your router's configuration.

The other option you may want to look into is an inline tap. You could set the tap in between your router and your modem and monitor the traffic at that point. The Throwing Star is a cheap inline tap example: http://hakshop.myshopify.com/products/throwing-star-lan-tap-pro?variant=216030698

Author: ErrorrrDetector

Updated on September 18, 2022

Comments

  • ErrorrrDetector
    ErrorrrDetector over 1 year

    I am working on a PC which is connected to my router using a LAN cable, and the other computers in my house are connected to my router using WiFi.

    We are all connected to the same network, so I assume that the answer to my question will be yes, but when I run Wireshark it doesn't capture packets sent from the other devices connected via WiFi.

    Can I sniff the packets being sent to and from the wireless router even though I am connected through cable?

    • Admin
      Admin almost 9 years
      What OS is on the machine on which you're running Wireshark?