This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Download tracking

0	How to tracke downloadings in network using wireshrk? urgent-help asked 15 Apr '13, 03:32 Gaurav Tiwari 1●1●1●1 accept rate: 0%

2 Answers:

I don't recommend trying to do that unless you have a small scope of applications you want to track downloads for, and know how to filter on downloads.

It is usually easier to enforce users to go through a proxy and use the proxy logs to track user activity.

answered 15 Apr '13, 03:35

Jasper ♦♦
23.8k●5●51●284
accept rate: 18%

Wireshark is primarily a tool for network troubleshooting. Thus it is not optimized for the things you are asking for. You better use one of the following tools.

http://www.cockos.com/assniffer/
http://www.xplico.org/
http://www.netresec.com/?page=NetworkMiner

Maybe the following list contains what you need.

http://www.forensicswiki.org/wiki/Tools:Network_Forensics

Regards
Kurt

answered 15 Apr '13, 07:46

Kurt Knochner ♦
24.8k●10●39●237
accept rate: 15%