This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

how do i trace my remote machine Activity through wireshark

0

how do i trace my remote machine Activity through wireshark...?

asked 27 Jan '13, 05:14

kaushal's gravatar image

kaushal
1223
accept rate: 0%


One Answer:

0

First of all, you need to capture the packets the remote machine sends and receives. Maybe this URL can help with the basic setup to do that:

http://wiki.wireshark.org/CaptureSetup/Ethernet

If all else fails you could install Wireshark on the remote machine, but that is always a "last resort" action since it will not always give correct results. Maybe you could also use rpcapd, which is part of WinPCAP (if your remote machine is a Windows box), but while allowing convenient remote captures there are some drawbacks and additional Wireshark configuration work to be done.

answered 27 Jan '13, 11:20

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%