This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

sniff ip messanger chat in LAN connection

-3

i tried t sniff ip messanger chat using "msnms" command in wireshark....but noone packets shown...plz give me some proper way to sniff chat of ip messanger in LAN connection...i have submit this project in 2 days... if any technique for this project then mail me on "[email protected]"...

::::::thankyou:::::::

asked 14 Sep '13, 22:21

john6's gravatar image

john6
78810
accept rate: 0%

edited 15 Sep '13, 01:08

grahamb's gravatar image

grahamb ♦
19.8k330206

Please don't ask duplicate questions and please stop decorating the question title.

(15 Sep '13, 01:09) grahamb ♦

2 Answers:

1

i have submit this project in 2 days.

sounds like homework to me.

Furthermore, you already asked the same question.

http://ask.wireshark.org/questions/24464/chat-sniffing

Have you ever read the docs of Wireshark? Have you ever watched one of the tutorial videos? If you have done that, please tell us what you don't understand and we will help you.

However, if you expect us to do your homework, by giving you details steps (as already asked in the question above), this site might be the wrong place.

Regards
Kurt

answered 15 Sep '13, 01:07

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

i show 3-4 video..in those videos "msnms" command use for sniff msn packets but i couldn't get "msnms" packets..so any other technique???

(15 Sep '13, 04:12) john6

so any other technique???

hm.. did you tell us how your network setup looks like? I can't find any...

So, do you try to capture

  • Ethernet traffic
  • wifi/wlan traffic
  • traffic of your own PC
  • traffic of other PCs in your network
  • do you use a switch
  • is it a managed switch
  • What is your current capture
(15 Sep '13, 11:39) Kurt Knochner ♦

0

So, 2 days to go - you better hurry up then! If this is your homework you got to 'work' this out by yourself though. Here some questions you need to answer yourself.

You think you've captured the msnms traffic:

  • Do you see tcp.port==1863 traffic as per http://wiki.wireshark.org/MSNMS?
  • If not, which port are communicating on to your msnms server? "frame contains 4d53:4720"
  • Are you familiar with the "Decode As" function?
  • Is the session SSL/TLS encrypted? "tcp contains 17:03:00 or tcp contains 17:03:01"
  • Does your wireshark recognize msnms in this sample capture?

answered 15 Sep '13, 05:50

mrEEde's gravatar image

mrEEde
3.9k152270
accept rate: 20%