This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Get hostnames from a trace in wireshark

0

Hi, I need to get all the hostnames from a trace that i opened using wireshark that it already have alot of data.Is there any filter that i can use in wireshark? Otherwiese what should i do to get the hostnames ? Any help will be appreciated.

asked 04 Feb '14, 13:51

FalaG's gravatar image

FalaG
11112
accept rate: 0%


One Answer:

0

There are 'hostnames' in the capture file, like in the HTTP Host: header or in service banners, and there are ip addresses in the capture file (src/dst address) which you or Wireshark can resolve to names via DNS (works only if there is a DNS entry - PTR record - for the address). So, what exactly are you looking for?

Regards
Kurt

answered 04 Feb '14, 22:00

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 04 Feb '14, 22:11