I need to use Wireshark to capture packets to and from 3 specific IP addresses. I have never used Wireshark before. I would like to set the capture to monitor the 3 IP addresses for 5 days. I am at a loss trying to set it up from my machine. Thanks in advance.
The placement of a sniffer is very important to get your desired results. Typically, a sniffer would be placed with visibility of the interesting traffic (your 3 IPs). This could be a WAN port for example, or inline via a network tap, or via a SPAN port. Since you have not used Wireshark before, I highly recommend you experiment with it on your local interface and LAN first. Wireshark is a great tool, but your synopsis doesn't offer enough topology information to offer a more specific solution, sorry.

Hope this is helpful though,
John

Hi, that was very informative. However, would it be possible to sniff without being physically near the target machine? The methods outlined above would require one to be in close proximity to the hardware in question. Thanks
(24 Aug '13, 10:57)
igodspeed
You need to sniff something in the line-of-path of traffic to and from the target machines. Where exactly to do that depends on your network topology.
(24 Aug '13, 23:10)
Quadratic