Hi, I need to get all the hostnames from a trace that i opened using wireshark that it already have alot of data.Is there any filter that i can use in wireshark? Otherwiese what should i do to get the hostnames ? Any help will be appreciated. asked 04 Feb '14, 13:51 FalaG |
One Answer:
There are 'hostnames' in the capture file, like in the HTTP Host: header or in service banners, and there are ip addresses in the capture file (src/dst address) which you or Wireshark can resolve to names via DNS (works only if there is a DNS entry - PTR record - for the address). So, what exactly are you looking for? Regards answered 04 Feb '14, 22:00 Kurt Knochner ♦ edited 04 Feb '14, 22:11 |