With the program Wireshark you can read traffic from your network (sniff). In the example you see the possibility to analyze HTTP traffic.

Example HTTP traffic

  • On the start page, you can choose which interface to monitor. The example analyzes eth0.
image Description
  • Here you can see an HTTP output.
image Description

filter

Wireshark offers several ways to filter the displayed packages.

  • Click with the right mouse button: By clicking on the desired filter term (Destination IP in this case) you can activate the filter with Apply as Filter -> Selected.
image Description
  • Entering the filter term: You can enter the filter term yourself (in this case Destination IP with ip.dst = 10.1.102.101 ).
image Description
Other filter options: (examples)

  • ip.addr == 204.13.248.70
  • tcp.port == 80

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: