Wireshark-users: Re: [Wireshark-users] question about sniffing wireless IPOD conversations
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 19 Jan 2012 22:41:01 -0800
On Jan 19, 2012, at 5:01 PM, John S wrote:

> after reading the wireless capture setup, I think the problem is that I'm running Wireshark on Windows XP and this apparently doesn't work well when sniffing other machine's traffic in a wireless network environment.
> 
> Has anyone found a way to do this?

The only programs I know that can do Wi-Fi captures on Windows XP, such as Tamosoft's CommView for WiFi:

	http://www.tamos.com/products/commwifi/

or WildPackets' OmniPeek:

	http://www.wildpackets.com/products/portable_analysis/omnipeek_software

do so by providing their own device drivers for a set of supported 802.11 adapters.  Even Microsoft's own Network Monitor 3:

	http://blogs.technet.com/b/netmon/

only supports Wi-Fi capturing on Windows Vista and Vista 7; they rely on some networking features that first showed up in Vista (NDIS 6 and Native Wi-Fi) and, I think, rely on the driver for the Wi-Fi adapter to support Native Wi-Fi).  Wireshark uses WinPcap on Windows; WinPcap doesn't use the Vista-and-later networking features and thus doesn't support monitor mode on Wi-Fi.