WLAN analysis with Wireshark
Let's review using Wireshark to interpret a wireless environment. We disabled channel hopping in the previous section so that we could focus on a target, but now let's try to capture as much as possible and let Wireshark do the explaining. With a wireless capture open, click Wireless | WLAN Traffic. The resulting window is Wireshark - Wireless LAN Statistics - test_wifi_capture-01 with sortable columns. I'm interested in finding the busiest networks, so I sort by Percent Packets:
By expanding the BSSID on the left, we see nested BSSIDs: the parent is the access point, and the nested devices are associated clients. Right-click on a target and click Apply as Filter |Selected. Close out of the statistics box, and you will return to Wireshark's main window with the display filter text box populated with our chosen filter. Apply the filter, and enjoy the time saved digging through packets: