This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How do I capture packets of two hosts

0

How do I capture packets between two hosts?

Once packets are captured, how do I know the cause of the problem? Like email alerts sent from Oracle server to Exchange server sometimes fail. Is there something like a reference that I can compare against my captured packets?

asked 26 Feb '14, 00:51

rino19ny
1111
accept rate: 0%


One Answer:

0

How do I capture packets between two hosts?

by following the steps described here: http://wiki.wireshark.org/CaptureSetup

and here: http://wiki.wireshark.org/CaptureSetup/Ethernet or http://wiki.wireshark.org/CaptureSetup/WLAN whatever applies in your environment.

Once packets are captured, how do I know the cause of the problem?

by analyzing the problem description, then 'mapping' that description to involved protocols (http, smtp, whatever) and finally by looking at the matching connections between the involved systems (Oracle and/or mail server).

Is there something like a reference that I can compare against my captured packets?

Most certainly no, as every network is different. However, you should learn something about the basic protocols (IP, TCP, UDP, http, smtp, etc.). With that knowledge (and some experience), you should be able to figure out if the connection you are analyzing shows any problem.

Regards
Kurt

answered 27 Feb '14, 05:23

Kurt Knochner ♦
24.8k1039237
accept rate: 15%
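
Added example, not part of the original answer or of Wireshark itself: one way to apply the "map the problem to a protocol, then look at each connection" step to the failing mail alerts. It assumes the capture was exported with tshark as shown in the comment; the addresses, port, file name and the `diagnose` helper are hypothetical, and the sample rows are constructed.

```python
from collections import defaultdict

# Assumed export (addresses, port and file name are placeholders):
#   tshark -r capture.pcapng \
#     -Y "ip.addr==192.0.2.10 && ip.addr==192.0.2.20 && tcp.port==25" \
#     -T fields -e tcp.stream -e smtp.req.command \
#     -e smtp.response.code -e tcp.flags.reset
# Constructed sample of that tab-separated output, not real traffic.
SAMPLE = """\
0\t\t220\t0
0\tMAIL\t\t0
0\t\t250\t0
0\tDATA\t\t0
0\t\t354\t0
0\t\t250\t0
1\t\t220\t0
1\tRCPT\t\t0
1\t\t550\t0
2\t\t220\t0
2\tDATA\t\t0
2\t\t\t1
"""

def diagnose(fields_text):
    """Map each tcp.stream to a one-line verdict on its SMTP exchange."""
    streams = defaultdict(
        lambda: {"cmd": None, "err": None, "rst": False, "ok": False})
    for line in fields_text.splitlines():
        stream, cmd, codes, rst = (line.split("\t") + [""] * 4)[:4]
        if not stream:
            continue
        s = streams[stream]
        if cmd:
            s["cmd"] = cmd.upper()
        # One packet can carry several replies; tshark joins them with ",".
        for code in filter(None, codes.split(",")):
            if code[0] in "45" and s["err"] is None:
                s["err"] = (code, s["cmd"] or "connect")
            elif code == "250" and s["cmd"] == "DATA":
                s["ok"] = True  # final 250 after DATA: server took the mail
        if rst in ("1", "True"):  # accept either boolean rendering
            s["rst"] = True
    verdicts = {}
    for stream, s in streams.items():
        if s["err"]:
            verdicts[stream] = "server replied %s after %s" % s["err"]
        elif s["ok"]:
            verdicts[stream] = "message accepted"
        elif s["rst"]:
            verdicts[stream] = "connection reset after %s" % (s["cmd"] or "connect")
        else:
            verdicts[stream] = "incomplete: no 250 after DATA in capture"
    return verdicts
```

A 4xx/5xx verdict points at the receiving mail server's policy or state, while a reset or incomplete stream points at the network path or the sending application.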