Network analysis with Wireshark
With the program Wireshark you can read traffic from your network (sniff). In the example you see the possibility to analyze HTTP traffic.
Example HTTP traffic
- On the start page, you can choose which interface to monitor. The example analyzes eth0.
- Here you can see an HTTP output.
Wireshark offers several ways to filter the displayed packages.
- Click with the right mouse button: By clicking on the desired filter term (Destination IP in this case) you can activate the filter with Apply as Filter -> Selected.
- Entering the filter term: You can enter the filter term yourself (in this case Destination IP with ip.dst = 10.1.102.101 ).
- Other filter options: (examples)
- ip.addr == 220.127.116.11
- tcp.port == 80