|
Hi all, I am remotely capturing packets from two different machines simultaneously, and was wondering if it is possible to either separate the two machines completely by their IP address, or if I need to, somehow run two instances of Wireshark at the same time? Sorry for the newbie questions, I have been looking through the user guide but can't seem to find anything about this. Or maybe I'm not phrasing my question very well. Thanks in advance |
|
You can do either/both. If you run a single Wireshark instance and capture traffic to/from both machines, you can use Wireshark display filters to display traffic to/from only 1 of the machines, and you can even save those packets matching the filter to a separate file. If you prefer, you can instead launch 2 Wireshark instances with each one capturing traffic only to/from a particular machine using an appropriate capture filter. Use whichever method best meets your needs. Great, thank you very much for the help
(28 Oct '15, 02:04)
MWMWMW
|
