Okay, I'm using Wireshark for the first time and I need it for my thesis, so I wanted to ask if there is a possibility to use a filter for Windows so I can see all connections from Windows to Windows.

asked 22 Dec '15, 23:40 plonerich
One Answer:
It is not possible to see only the traffic for Windows to Windows because there are no filters in Wireshark for OSes, but if you are capturing from a live wire and you are allowed to scan the network, you can use nmap first to find out the IP addresses of all Windows hosts and then use a capture filter to capture traffic for only Windows endpoints. With nmap you can find the OS of the machine by using the following command
Then you can use the capture or display filters to display the traffic of Windows endpoints. Sorry for my bad English.

answered 24 Dec '15, 10:36 Muhammad Irshad
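
The workflow described in the answer above, as an added example that is not part of the original post: it reads scan results and builds a capture filter that keeps only packets whose source and destination are both Windows hosts. It assumes the scan was saved in nmap's grepable output format (`-oG`) with OS detection enabled (`-O`); the sample data and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in nmap's grepable (-oG) layout; not real scan data.
SAMPLE_NMAP_GREPABLE = """\
# Nmap scan (constructed sample)
Host: 192.168.1.10 (pc-a)\tStatus: Up
Host: 192.168.1.10 (pc-a)\tPorts: 445/open/tcp//microsoft-ds///\tOS: Microsoft Windows 7|2008\tSeq Index: 259
Host: 192.168.1.20 (nas)\tPorts: 22/open/tcp//ssh///\tOS: Linux 3.2 - 4.9\tSeq Index: 260
Host: 192.168.1.30 (pc-b)\tPorts: 135/open/tcp//msrpc///\tOS: Microsoft Windows 10\tSeq Index: 258
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)")
OS_RE = re.compile(r"\tOS:\s+([^\t]+)")


def windows_hosts(grepable_text):
    """Return sorted IPs whose nmap OS guess mentions Windows."""
    found = set()
    for line in grepable_text.splitlines():
        host, os_guess = HOST_RE.search(line), OS_RE.search(line)
        if not host or not os_guess:
            continue  # comment lines and Status-only lines carry no OS field
        if "windows" in os_guess.group(1).lower():
            # Validate the address so nothing unexpected ends up in the filter.
            found.add(ipaddress.ip_address(host.group(1)))
    ordered = sorted(found, key=lambda ip: (ip.version, int(ip)))
    return [str(ip) for ip in ordered]


def windows_to_windows_filter(hosts):
    """Build a capture filter matching packets whose source AND destination
    are both in hosts. A plain "host A or host B" would also keep traffic
    between a Windows host and any other machine."""
    if len(hosts) < 2:
        raise ValueError("need at least two Windows hosts")
    src = " or ".join(f"src host {h}" for h in hosts)
    dst = " or ".join(f"dst host {h}" for h in hosts)
    return f"({src}) and ({dst})"


if __name__ == "__main__":
    print(windows_to_windows_filter(windows_hosts(SAMPLE_NMAP_GREPABLE)))
```

The OS field is nmap's fingerprint guess, so hosts it misidentifies or cannot fingerprint will be missing from the filter.
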
What do you mean by "windows to windows"? Wireshark has filters for network protocols and endpoints, not host OSs.