Hello, I have a school project to do and the instructor recommended as one of the topics "port mirroring with wireshark". Can somebody please explain me how i will go about doing this so that i can decide whether i want to do this topic or not. Thanks a lot. asked 15 Mar '11, 19:36  mtomey |
One Answer:
You could have a look here. answered 16 Mar '11, 00:30  Jaap ♦ 1 The one thing that annoys me a bit about that wiki page is that it lists stuff like "Man in the Middle" and "MAC flooding" as methods to capture data - that are clearly techniques that should never ever be used in a corporate network to capture data. It's clearly black hat stuff :-) (16 Mar '11, 00:46) Jasper ♦♦ |
If your instructor really said "port mirroring with Wireshark" he should check his own terminology :-)
Wireshark can be used to capture network data at a network switch that copies the ports of interest to a mirror/monitor port. It is not Wireshark doing the mirroring, it's the switch.