This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wondering a Couple of things

1) How do we set up Wireshark to display all devices connected to Router, directly or By wi-fi

2) Once the devices are all displayed, can we set it up so that not only are the Packets captured but the Destination IP is displayed?

I have looked around viewed Videos but have found no info on that yet

Thanks

asked 19 Nov '10, 21:54

tech07's gravatar image

tech07
1111
accept rate: 0%


Look into 'monitor port', or 'SPAN' for instance.

permanent link

answered 20 Nov '10, 06:03

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Thanks for reply but can you be a bit more specific please?

Where would I find these Options. I am new to wireshark

(20 Nov '10, 10:59) tech07

Wireshark is no network mapping tool in itself, but you can use it to capture network packets and analyze them or create statistics on what devices talk to what other devices. So if you're looking for some kind of software that will scan you network and tell you about all the devices it has found Wireshark is not that much for you.

What you can do is hook up Wireshark to you router and have it "copy" all network packets (inbound and outbound) from all other ports to the port Wireshark is connected at. That is what Jaap meant when he said you might have a look into monitor ports A.K.A SPAN ports. This kind of functionality depends on the abilities of your router to do such a thing; not all routers have it or can provide monitor sessions for all ports.

All in all I would advise you to give us more details of your situation/requirements and you might get a much better answer ;-)

permanent link

answered 20 Nov '10, 11:27

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%

If you want to do this without modifying your network devices (e.g. switches), nmap might be a better tool for this project. It will scan entire subnets and present a list of "discovered" hosts and (if open) the service ports open on each host.

You can find both command-line and GUI versions of nmap at http://nmap.org/.

WARNING: This is an ACTIVE port scanner, and it WILL trigger many (if not most) intrusion detection systems. Be sure you have permission to run it against the networks in question before doing so.

permanent link

answered 22 Nov '10, 10:43

wesmorgan1's gravatar image

wesmorgan1
411101221
accept rate: 4%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×1,620
×9
×3

question asked: 19 Nov '10, 21:54

question was seen: 64,838 times

last updated: 22 Nov '10, 10:43

p​o​w​e​r​e​d by O​S​Q​A