Chinaunix首页 | 论坛 | 博客
  • 博客访问: 3517056
  • 博文数量: 349
  • 博客积分: 5771
  • 博客等级: 大校
  • 技术积分: 4191
  • 用 户 组: 普通用户
  • 注册时间: 2009-07-06 11:52
个人简介

it

文章分类

全部博文(349)

文章存档

2019年(2)

2018年(2)

2017年(1)

2016年(2)

2015年(18)

2014年(36)

2013年(69)

2012年(100)

2011年(62)

2010年(57)

分类: 系统运维

2012-04-11 15:13:31

 

A: That depends on the operating system on which you're running, and on the 802.11 interface on which you're capturing. 
This would probably require that you capture in promiscuous mode or in the mode called "monitor mode" or "RFMON mode". On some platforms, or with some cards, this might require that you capture in monitor mode - promiscuous mode might not be sufficient. If you want to capture traffic on networks other than the one with which you're associated, you will have to capture in monitor mode. 
Not all operating systems support capturing non-data packets and, even on operating systems that do support it, not all drivers, and thus not all interfaces, support it. Even on those that do, monitor mode might not be supported by the operating system or by the drivers for all interfaces. 
NOTE: an interface running in monitor mode will, on most if not all platforms, not be able to act as a regular network interface; putting it into monitor mode will, in effect, take your machine off of whatever network it's on as long as the interface is in monitor mode, allowing it only to passively capture packets. 
This means that you should disable name resolution when capturing in monitor mode; otherwise, when Wireshark (or TShark, or tcpdump) tries to display IP addresses as host names, it will probably block for a long time trying to resolve the name because it will not be able to communicate with any DNS or NIS servers. 
See  for details.

打开“capture options”

wireshark默认会使用这个“capture packets in promiscous mode”选项,在抓取无线包时把这个选项的勾去掉即可。
图就不上传了,经过(TELNET数据包)验证没有问题.promiscous混杂的意思.
再抓无线网卡上的包时就OK了.
阅读(22119) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~