A standard TCPDump, without any modifications to the mode of the Wireless NIC, will not display ALL frames traversing the wireless network. It will only display frames directed at (and capable of being received by) your station. TCPDump is just grabbing the information that is specifically delivered to your station, decrypted, and presented to the OS at the normal Ethernet/IP level.
To listen to ALL frames reaching your station on the wireless network, you'll need have a NIC capable of running in Monitor mode, and then put your NIC into Monitor mode. While in Monitor mode, you won't be able to send traffic, only to observe all frames on the channel. This is done similarly to the following:
iw phy phy0 interface add wlan2 type monitor
iw dev wlan2 set freq 2412
ifconfig wlan2 up
tcpdump -i wlan2
Read the documentation on iw
for more information, and also, see this page for some good information on using iw
for monitoring, with an example.
As noted by @ylearn in the comments, your station will only be able to capture frames under specific circumstances (Some more obvious than others):
- Be in range of the sending station (duh)
- Be of the same type as the sending station (single vs multiple spacial streams for example)
- Be listening to the same channel/frequency as the sending station (listening to 2.4 GHz channels won't help you capture 5Ghz traffic, etc)
And there are more conditions, but the bottom line is that wireless networks are wireless, so there's no guarantee of delivery of traffic and therefore no guarantee of receipt on your Monitoring station. :)
Now with all of that said, you may have all the frames that are being transmitted, but you would still need to decrypt the frames. This a large topic in and of itself, however the basics are this: the frames that any 802.11 station sends into the air are sent encrypted so that not just anyone can sniff all connections.
Wireshark has a nice intro page on Decyrypting 802.11. I recommend reading that, understanding it, and moving on from there.
Edit to respond to your comments, @phenetas:
First, as alluded to in my response, I was assuming your OS was Linux in my answer so I recommended using iw
. If you're serious about learning more about penetrating 802.11 networks, I'd recommend looking into a linux distro such as Kali Linux, which is designed for exactly that purpose. (Use this power only for good please; with great power comes great responsibility, etc, etc.)
However, if you're insistent on using MAC OSX, you have other options as well to put the NIC into monitor mode (including just using Wireshark instead of TCPDump). Some Googling around for MAC OSX monitor mode should help you there.
Finally, I would look into reading more about IP Broadcasts and mDNS (Multicast DNS) as that is what you're seeing initially from the other devices. These are not "intercepted" packets, this IS traffic destined to your device, that is why TCPDump is displaying the packets.
Wi-Fi is IEEE 802.11, the same way that ethernet is IEEE 802.3, token ring is IEEE 802.5, FDDI is IEEE 802.8, etc.
These are some of the IEEE LAN protocols, and the IEEE working groups associated with the protocols. See this answer for more IEEE 802 working groups.
Best Answer
A WiFi repeater or extender is used to extend the coverage area of a WiFi network. It works by receiving your existing WiFi signal, amplifying it and then transmitting the boosted signal. With a WiFi repeater you can effectively increase the coverage area of your WiFi network.
WiFi boosters, repeaters, and extenders are mostly the same thing - devices to extend WiFi coverage. There isn’t a clearly defined difference between devices that manufacturers describe as “repeaters” and devices described as “extenders”. However, not all WiFi extenders work in the exact same way. There are several different kinds of devices available.
There are a couple of solutions to try before opting for a WiFi extender. The simplest is to try moving the location of your WiFi router to the most central location possible. If that doesn’t help (or if changing location just isn’t practical) check if your router needs to be upgraded. If you’ve had an older model for many years, it could be time for an upgrade to a more powerful model. For upgrade, go for some dual band routers with ultrafast processors and gigabit ethernet ports for use with Smart TVs or game consoles. There are routers with unique Beamforming technology which allows the routers to concentrate the WiFi signal towards your WiFi devices.
If everything is fine, that means you have a big place to cover and a WiFi extender could be the solution for you. There are a couple of different options.
One of the most straightforward is a powerline ethernet kit. The kit allows you to send your internet signal over the electrical circuit in your home or office. Firstly, it’s fast to set up. You plug and go.Secondly, it’s fast in bandwidth terms. An extender that uses WiFi will usually see some speed loss. But the distance between power outlets can have an impact on performance, and so can the kind of wiring you have in your place.
The alternate solution is a WiFi repeater. Dual band repeaters get around the speed loss that you mentioned by connecting to the router on one band and outputting a WiFi signal on the other.
One final feature that helps reduce speed loss is dual radios. If the device has dual radios, it can speak to the main router on lower channels, and then rebroadcast on higher channels. There are routers which can be installed outdoors too.