Hello. I am using WireShark on the Windows 7 platform. I was wondering if someone could tell me the settings I should use in my WireShark to log the full HTTP header for any traces I run in the program? Many thanks in advance. DC. asked 06 Aug '12, 02:28  DustinCook |
One Answer:
Wireshark captures full packets by default, so all HTTP headers are included anyway. You just need to open the HTTP section in the decode pane to see them all. If someone uses a proxy you can often see a "X-Forwarded-For" header that tells you for which original IP address the request was processed by the proxy. If the proxy administrator is aware of this he might choose to hide it or replace it with some anonymized address. answered 06 Aug '12, 03:22  Jasper ♦♦ |
Can I also setup WireShark to detect if a web-based proxy site is being used?