Page 1 of 1

General sniffing question

PostPosted: Sat Jan 14, 2006 7:26 pm
by myantispambox
I'm playing with sniffing on my home network. I have vxsniffer working on my iPaq 3760 w/Orinoco card. I'm capturing some packets but it doesn't seem like it could possibly be everything that's going over the network (I have another PC that I'm web browsing and doing other things on).

The only human-readable packets (ie. those with recognizable text) are always about the same: 3 or 4 lines of non-readable characters followed by NOTIFY... HTTP/1.1..HOST blah blah blah.

Why wouldn't it be capturing EVERYTHING?

PostPosted: Sat Jan 14, 2006 7:29 pm
by streaker69
myantispambox wrote:I'm playing with sniffing on my home network. I have vxsniffer working on my iPaq 3760 w/Orinoco card. I'm capturing some packets but it doesn't seem like it could possibly be everything that's going over the network (I have another PC that I'm web browsing and doing other things on).

The only human-readable packets (ie. those with recognizable text) are always about the same: 3 or 4 lines of non-readable characters followed by NOTIFY... HTTP/1.1..HOST blah blah blah.

Why wouldn't it be capturing EVERYTHING?


Your Ipaq is only getting packets that are directed to it because chances are your other machine is on a switched port on your router.

PostPosted: Sat Jan 14, 2006 7:29 pm
by dakkon2k
myantispambox wrote:I'm playing with sniffing on my home network. I have vxsniffer working on my iPaq 3760 w/Orinoco card. I'm capturing some packets but it doesn't seem like it could possibly be everything that's going over the network (I have another PC that I'm web browsing and doing other things on).

The only human-readable packets (ie. those with recognizable text) are always about the same: 3 or 4 lines of non-readable characters followed by NOTIFY... HTTP/1.1..HOST blah blah blah.

Why wouldn't it be capturing EVERYTHING?

Don't know what did the vxsniffersupport people say?
vxsniffer wrote:The price is $59.95 per copy. Includes FREE technical support and upgrades for the life of the product.

PostPosted: Sat Jan 14, 2006 7:41 pm
by myantispambox
If this was a wired network, yeah, I could see how a switch would hide the packets. But this is all wireless! I *am* captuing packets directed to my other machine (192.168.1.102) but it's not all of them and it doesn't seem to capture anything going to the other way.

PostPosted: Sat Jan 14, 2006 7:43 pm
by streaker69
myantispambox wrote:If this was a wired network, yeah, I could see how a switch would hide the packets. But this is all wireless! I *am* captuing packets directed to my other machine (192.168.1.102) but it's not all of them and it doesn't seem to capture anything going to the other way.


Then it sounds as though it's no truely in monitor mode, or it's inhibited somehow by the free version you have. If you paid for it, then go and ask them what's wrong.

PostPosted: Sat Jan 14, 2006 7:50 pm
by myantispambox
I'm gonna reload the iPaq from scratch and see what happens. Something just isn't right....

Man I thought PCs were painful sometimes.... they are cake in comparison to this.