Saturday, October 22, 2011

Effective Sniffing tool: Wireshark (part II)

Everything below is based on a wireless data packet sniffing tool called 'Wireshark', so please download it before you continue with the post. You can download Wireshark at www.wireshark.org. Once you have downloaded and installed it, you are ready for the next step.
Today in this post I am going to tell you how to use Wireshark. When you install and open Wireshark for the first time, if you have no experience it is going to look like a magic tool to you, as it did to me when I opened it for the first time.
After you open Wireshark, you can see its window as shown in the following figure.
There you can see many options, but only some of them are useful to you at this time, and I am going to explain only those options.
As you can see in the Wireshark window, on the left side there is a category shown as 'capture'. In that category there are various options, shown as 'Interface list' and 'start capture on interface'. If you know which interface you should select, you can choose it directly from 'start capture on interface'. But if you don't know which interface to select, go to the 'Interface list' tab.
There you may see various interface names. You have to open the one that is showing counts. For example, on my computer the middle one, named microsoft, is showing the counts. After clicking on the corresponding 'start' tab, a new window opens showing various constantly changing data. This is the list of packets sent and received every moment. Only a few of them are useful to you at this time.

Now, last for this post, the use of the filter option. As the name suggests, any protocols or names entered in this field are filtered out or in, as the user chooses. E.g., if you type http there and press Enter, only the packets using HTTP are shown. And if you type not(http) there, all the protocols excluding HTTP are shown in the list.
OK friends, this much for today's part of the series; I will include some more topics in coming posts. Please keep visiting. Goodbye.
