If you need serious filtering (I want to know how many packets BitTorrent sent to The Pirate Bay last week) then you need either Wireshark or tcpdump.

You can also do some filtering by protocol, address family. If you have multiple interfaces, you can filter to a given one with the -I flag. If you wanted hourly records you'd use -w3600. -w10 gives you a record every 10 seconds.

packets errs bytes packets errs bytes colls

If you just want to count packets, you can use netstat.

You will need to install XQuartz to use it, as it's an X11 windows app.

A final possibility is to install Windows under VirtualBox, Parallels or VMFusion and give it full access to your ethernet cards.

Based on the clarification in your comment, I think Wireshark would do what you want if you want to look at traffic.

Haven't tried it.

Another possible useful tool is Wireshark.

KisMac is an older port of Kismet last released in 2006, but reported to work on Snow Leopard.

Possibles: iStumbler at http: Of the fairly sparse field, this one is probably the most current.

One can actually change the capture channel whilst Wireshark is running but you may miss packets whilst the channel change occurs.

As I don't have a running Linux box at present I'm not up on the capabilities of aircrack-ng.

Note that this command will also capture packets to a file (its name will be printed when the sniff command exits) so one can just use airport to capture and then open the file in Wireshark, or just quit the airport command after you have started monitor mode capture and let Wireshark collect them so you can see them in realtime.

You can choose the channel by associating a desired network before the capture or using the airport ( /System/Library/PrivateFrameworks/amework/Resources/airport) command (e.g. to sniff channel 1 given your WiFi adapter is called en0): airport en0 sniff 1

It needs to be remembered that the WiFi device can only listen on one channel at a time so you'll only see the traffic on the channel it's set to.

This will allow for capture of raw 802.11 frames which will show the traffic from APs and clients.

It is possible to use Wireshark with monitor mode enabled to essentially do the job of airodump-ng.