This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

audit a log file

0

Sirs, is there someone or somewhere that I can get an audit on my logfile? I don't really know how to read this, but I believe that a computer in my office is attacking my computer and would like to verify it.

asked 11 Jun '13, 09:47

Sol Weinstein
accept rate: 0%

edited 11 Jun '13, 09:47


One Answer:

0

If you're talking about a file on your computer, logging some form of attack, that's not something Wireshark can help you with, but if you mean you want to capture traffic that your computer is receiving from a suspected attacker, then yes, Wireshark can do that. Just download Wireshark and start capturing data on your network card to see traffic coming to or from it.

answered 11 Jun '13, 20:37

Quadratic
accept rate: 13%

Thanks, I should be able to see how much data is going to where in the "statistics conversations" section for each separate log, correct?

I'm just confused because of all of the different protocols and sooo much information, which is great.

(12 Jun '13, 10:59) Sol Weinstein

What do you mean by "log" here? The Statistics > Conversations section will list every session that exists in the trace, per protocol, but your use of the term "log" is not clear to me.

For example, if you have a TCP session between your computer and theirs, it would appear in the TCP section of that window, listing the source/destination IP address and port numbers. You can also right-click on that conversation and apply it as a filter, so that Wireshark itself will display only the packets that relate to that 'conversation' between the two systems.

(12 Jun '13, 14:41) Quadratic
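
As an added example (not part of the original thread and not Wireshark's own code), the sketch below reproduces what the TCP tab of Statistics > Conversations summarizes: it reads a classic pcap, groups frames by endpoint pair regardless of direction, and builds a display filter for one conversation. The function names are hypothetical and the capture is constructed inline from documentation addresses.

```python
import struct, socket
from collections import defaultdict

def tcp_frame(src, sport, dst, dport, payload=b""):
    """Constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18,
                      8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def make_pcap(packets):
    """Build a little-endian classic pcap (Ethernet link type) from frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in packets:
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def tcp_conversations(pcap):
    """Return {endpoint pair: [frames, bytes]}, both directions combined."""
    if struct.unpack_from("<I", pcap)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    convs, off = defaultdict(lambda: [0, 0]), 24
    while off + 16 <= len(pcap):
        incl, orig = struct.unpack_from("<II", pcap, off + 8)
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # skip anything that is not IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        if len(frame) < 14 + ihl + 4:
            continue  # truncated before the TCP port fields
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        key = tuple(sorted([(src, sport), (dst, dport)]))  # direction-agnostic
        convs[key][0] += 1
        convs[key][1] += orig  # on-the-wire length of the frame
    return dict(convs)

def display_filter(key):
    """Display filter matching both directions of one TCP conversation."""
    (a, ap), (b, bp) = key
    return f"ip.addr=={a} && tcp.port=={ap} && ip.addr=={b} && tcp.port=={bp}"

SAMPLE = make_pcap([  # constructed sample traffic, documentation addresses
    (1, tcp_frame("192.0.2.10", 49152, "192.0.2.20", 445, b"A" * 100)),
    (2, tcp_frame("192.0.2.20", 445, "192.0.2.10", 49152, b"B" * 40)),
    (3, tcp_frame("192.0.2.10", 49153, "198.51.100.5", 80, b"C" * 10)),
])
```

Calling `tcp_conversations(SAMPLE)` gives one row per conversation with frame and byte totals, and `display_filter` on a row's key gives a string that can be pasted into Wireshark's filter bar.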