Skip to main content


Showing posts from April, 2013

Passively Monitoring Network Traffic On Wireless Networks

Many times, during penetration tests, we have to monitor the data flowing inside the network. Achieving this on an Ethernet network is simple as we can just connect a network cable and be a part of the target network.  But that makes us accountable and someone from the network can find out that someone is monitoring the traffic. In wireless networks, we have an advantage of monitoring the network traffic passively.  The packets are freely flowing over the air and we just need to be able to see them. To be able to monitor network traffic, we must put our wireless adapter in Monitor mode. airmon-ng start wlan0 This will start the monitor mode on a virtual interface such as “mon0” To start dumping data from the target network, we need to know following things:
BSSID – MAC address of the Access Point Channel on which the Access Point working To find out these things, we can run airodump on all the channels. This will list all available wireless networks with various pieces of information for each…