This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

And if so, can I see exactly what data is being transmitted and to what IP? Also, can I get additional info on the IP, like country and service provider, and have the option to block any further communication?

asked 03 Nov '13, 02:06

leebonolo
accept rate: 0%


You can use Wireshark to record what your PC is receiving and sending, unless you have a very sophisticated malware infection that manages to either

  • prevent Wireshark from running in the first place
  • cease its communication while the capture is running
  • or hide the packets from Wireshark

All three are not very likely because most Spyware is too stupid to care. If you capture all communication from your PC you can use GeoIP databases to find the locations of the other system (if it is known).

You might want to check my blog for the following posts that may help:

http://blog.packet-foo.com/2013/04/the-packet-analysts-self-check/

http://blog.packet-foo.com/2013/05/wireshark-geoip-resolution-setup/

answered 03 Nov '13, 02:24

Jasper ♦♦
accept rate: 18%
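
Added example (not part of the original question or answer): one way to turn a capture into a per-destination summary of what the PC sent, before looking the addresses up in a GeoIP database. It assumes the capture was exported with `tshark -r capture.pcapng -T fields -e ip.src -e ip.dst -e frame.len`, that the PC's address is 192.168.1.20, and it uses constructed sample lines with documentation-range addresses.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of the tab-separated tshark output described above.
SAMPLE = """\
192.168.1.20\t203.0.113.5\t1514
192.168.1.20\t203.0.113.5\t590
203.0.113.5\t192.168.1.20\t66
192.168.1.20\t192.168.1.1\t74
192.168.1.20\t198.51.100.77\t1200
\t\t60
192.168.1.20\t224.0.0.251\t120
198.51.100.77,192.168.1.20\t192.168.1.20,198.51.100.77\t94
"""

# Ranges this example treats as "not a remote Internet host" (an assumption).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4", "255.255.255.255/32")]

def is_remote(addr):
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in LOCAL_NETS)

def outbound_summary(tshark_text, local_ip):
    """Return [(remote_ip, frames, bytes)] for frames sent by local_ip, largest first."""
    totals = defaultdict(lambda: [0, 0])
    for line in tshark_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 3 or not all(fields):
            continue  # ARP and other non-IPv4 frames leave the ip.* fields empty
        # Frames with nested IP headers (e.g. ICMP errors) list several
        # comma-separated values; the outer header comes first.
        src, dst = fields[0].split(",")[0], fields[1].split(",")[0]
        if src != local_ip or not is_remote(dst):
            continue
        totals[dst][0] += 1
        totals[dst][1] += int(fields[2])
    return sorted(((ip, n, b) for ip, (n, b) in totals.items()),
                  key=lambda row: row[2], reverse=True)

if __name__ == "__main__":
    for ip, frames, size in outbound_summary(SAMPLE, "192.168.1.20"):
        print(f"{ip:<16} {frames:>5} frames {size:>8} bytes")
```

The addresses at the top of the list are the ones worth resolving with GeoIP and inspecting in Wireshark with a display filter such as `ip.addr == 203.0.113.5`.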

question asked: 03 Nov '13, 02:06

question was seen: 4,395 times

last updated: 03 Nov '13, 02:24
