Compnerd,
REAL TALK:
- You need to capture with a wireless adapter that either supports the same or more capabilities as the client you are capturing, or you will have missing or incomplete data
- Many off-the-shelf adapters and packet capture software cannot keep up with the flow of traffic and will miss frames, giving you an incomplete picture of what you are capturing. Sometimes the frame is captured, but might be corrupted and the parameters *could* be incorrect or missing.
- Commercial software like Omnipeek has custom drivers for specific cards which enables the software to have very good control over what the WLAN adapter does. Omnipeek is also expensive.
- If you do not use specific packet capture software that can keep the adapter on the right channel, that WLAN adapter will scan other channels and miss frames, and give you an incomplete picture of what you are capturing.
- You can use free software like Wireshark and AirPcap, as long as you understand their limitations above
Probably the best guide about WLAN packets and their true meaning is the CWAP book from the CWNP website here: http://www.cwnp.com/certifications/cwap/ If you are really interested in packet capturing it is an excellent read.