Question: Jpcap?

rbaian asked
Last Modified: 2008-01-09
Can I capture packets from a WiFi (802.11) network interface in Windows XP by using Jpcap?
Can I have some tutorials on this subject?

Commented:
From the FAQ at this site, http://netresearch.ics.uci.edu/kfujii/jpcap/doc/index.html

Q: Can I capture packets from a WiFi (802.11) network interface?

A: The answer depends on what Operating System you are running and which WiFi devices your system has. On Windows, you may not be able to capture packets from some WiFi devices. Linux or BSD may have higher probability of supporting packet capturing using WiFi devices.

Jpcap development site.
http://sourceforge.net/projects/jpcap

I would say, give it a try. Normally you tell the program which interface to sniff, so you should be able to point it to your WiFi card.

Have you considered other sniffer software like Ethereal? http://www.ethereal.com/
Lots of good info on their Documentation page.

Gary

Commented:
I read somewhere that you can capture traffic from a wireless link if you bridge (www.microsoft.com/windowsxp/using/networking/expert/crawford_02april22.mspx) your wireless adapter with a wired adapter... Haven't tried it personally, but it should work...

Commented:
Btw, Ethereal is a great sniffer, and runs on *nix and Windows... it's just great software.

Author

Commented:
Thank you all.

I think Gary gave me a partial answer to my question, but I need some tutorials on Jpcap.

Commented:
Couldn't find a tutorial specific to Jpcap. It's probably very similar to the many other programs out there. They usually allow you to specify an interface to monitor, start/stop packet capture, display the capture in various ways, filter based on protocol/source and destination address/packet type, and allow you to import/export data.

The hardest part is understanding what you capture. Decoding packets is not for the faint of heart. There are many aspects to it, like connection setup and maintenance, DNS queries, broadcasts, network applications (mail, browsing, FTP, chat) and many others, all using their own protocols and ports. It's a very deep subject. Here's a good link on Network Protocols from IBM that explains how it all works. It's a PDF with 900+ pages.

http://www.redbooks.ibm.com/pubs/pdfs/redbooks/gg243376.pdf

A good place to start is to just monitor your connection for a few minutes and look at what you catch. Some simple things to capture: Browse to a website and look at what it took to do that. Ping an address on your network. Release and renew your IP. Connect to a network share.

Like I said, there's a lot to learn in this area. Take it in baby steps. You can always post here for help understanding what you see.

Gary
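
The steps described in this thread (pick an interface, start a capture, filter it, look at what arrives), as an added example that is not part of any post above and is not code from the Jpcap project. It assumes the Jpcap library documented at the FAQ site linked above is on the classpath with its native capture library installed; the class name `JpcapSketch` is hypothetical.

```java
import java.io.IOException;
import jpcap.JpcapCaptor;
import jpcap.NetworkInterface;
import jpcap.PacketReceiver;
import jpcap.packet.IPPacket;
import jpcap.packet.Packet;
import jpcap.packet.TCPPacket;

// Added example (hypothetical class name): lists the capture interfaces Jpcap
// can see, then captures ten IP packets from the one chosen by index.
public class JpcapSketch implements PacketReceiver {
    // Jpcap calls this once for every captured packet.
    public void receivePacket(Packet p) {
        if (p instanceof TCPPacket) {
            TCPPacket t = (TCPPacket) p;
            System.out.println("TCP " + t.src_ip.getHostAddress() + ":" + t.src_port
                    + " -> " + t.dst_ip.getHostAddress() + ":" + t.dst_port);
        } else if (p instanceof IPPacket) {
            IPPacket ip = (IPPacket) p;
            System.out.println("IP proto " + ip.protocol + " " + ip.src_ip.getHostAddress()
                    + " -> " + ip.dst_ip.getHostAddress() + " (" + ip.len + " bytes)");
        }
    }

    public static void main(String[] args) throws IOException {
        // A WiFi card can only be captured from if it shows up in this list;
        // datalink_name is the link type the driver reports for it.
        NetworkInterface[] devices = JpcapCaptor.getDeviceList();
        for (int i = 0; i < devices.length; i++) {
            System.out.println(i + ": " + devices[i].name + " (" + devices[i].description
                    + ") link=" + devices[i].datalink_name);
        }
        if (args.length == 0) {
            System.out.println("Pass an interface index to start capturing.");
            return;
        }
        int index = Integer.parseInt(args[0]);
        if (index < 0 || index >= devices.length) {
            throw new IllegalArgumentException("no such interface: " + index);
        }
        // 65535 = capture whole packets; false = non-promiscuous, so only this
        // machine's own traffic is captured; 20 = read timeout in milliseconds.
        JpcapCaptor captor = JpcapCaptor.openDevice(devices[index], 65535, false, 20);
        try {
            captor.setFilter("ip", true);             // pcap filter expression
            captor.loopPacket(10, new JpcapSketch()); // returns after 10 packets
        } finally {
            captor.close();
        }
    }
}
```

Run it once with no argument to see the interface list, then again with the index of the adapter to watch while browsing to a site or pinging an address.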
