Hello! First-time user here. My concern is whether business transaction data such as sales, names, etc. will be captured in Wireshark. If so, is this an option that can be turned off? I read through the FAQ but didn't find the answers. Thanks in advance.

Thanks, Ken.

asked 23 Apr '15, 12:23 saytoben
One Answer:
That's not a problem you can fix in Wireshark. If data is transmitted without being encrypted, everybody can capture and read that information, no matter if he is using Wireshark, Ettercap, tcpdump or any other sniffer. The only solution: Use encryption (like SSL/TLS) if you have to transmit sensitive data over a network.

Regards

answered 23 Apr '15, 12:27 Kurt Knochner
I assume the data captured is easily readable, i.e. plain text. Is that right, or is it in hex, etc.? Can we strip the data off if we are to produce a report?
What it is depends on the protocols carried in the packets, but hex and sometimes ASCII should be it. And yes, you can strip the data if you're only interested in certain protocol headers.
Use TraceWrangler[1], add your capture file, add an anonymization task, and configure the task to strip everything it doesn't recognize plus everything after Layer 4 (TCP/UDP). That should do it.
[1] https://www.tracewrangler.com
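
As an added illustration (not part of the original thread and not TraceWrangler's code), the Python sketch below shows what "strip everything after Layer 4" does to a capture: each record in a classic pcap file is cut off after its TCP or UDP header. It assumes an Ethernet link type and IPv4 without VLAN tags (pcapng is not handled); the function names and the sample packet are constructed for this example.

```python
import struct

ETH_LEN = 14  # Ethernet II header, no VLAN tag (assumption of this sketch)

def keep_len(frame: bytes) -> int:
    """Number of leading bytes to keep: Ethernet + IPv4 + TCP/UDP headers only."""
    if len(frame) < ETH_LEN + 20 or frame[12:14] != b"\x08\x00":
        return min(len(frame), ETH_LEN)       # not IPv4: keep the Ethernet header only
    ihl = (frame[ETH_LEN] & 0x0F) * 4         # IPv4 header length in bytes
    if ihl < 20:
        return ETH_LEN                        # malformed IP header
    l4 = ETH_LEN + ihl
    frag_off = struct.unpack("!H", frame[ETH_LEN + 6:ETH_LEN + 8])[0] & 0x1FFF
    proto = frame[ETH_LEN + 9]
    if frag_off == 0 and proto == 17:         # UDP: fixed 8-byte header
        return min(len(frame), l4 + 8)
    if frag_off == 0 and proto == 6 and len(frame) >= l4 + 13:
        data_off = (frame[l4 + 12] >> 4) * 4  # TCP header length incl. options
        return min(len(frame), l4 + max(data_off, 20))
    return min(len(frame), l4)                # later fragment or other protocol

def strip_payloads(pcap: bytes) -> bytes:
    """Rewrite a classic pcap so every record ends after the Layer 4 header."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    out, pos = bytearray(pcap[:24]), 24
    while pos + 16 <= len(pcap):
        ts_sec, ts_usec, incl, orig = struct.unpack(end + "4I", pcap[pos:pos + 16])
        frame = pcap[pos + 16:pos + 16 + incl]
        kept = frame[:keep_len(frame)]
        # orig_len stays untouched so the report still shows the on-wire size
        out += struct.pack(end + "4I", ts_sec, ts_usec, len(kept), orig) + kept
        pos += 16 + incl
    return bytes(out)

def sample_pcap(payload: bytes = b"name=Ken&sale=100") -> bytes:
    """Constructed one-packet capture: Ethernet / IPv4 / TCP carrying plain text."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, 0x50, 0x18, 1024, 0, 0)
    frame = eth + ip + tcp + payload
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + struct.pack("<4I", 0, 0, len(frame), len(frame)) + frame
```

Calling `strip_payloads(sample_pcap())` returns a capture whose single record ends at byte 54 of the frame, so the plain-text payload is gone while addresses, ports and the original on-wire length remain for the report.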