Okay i'm using wireshark for the first time and i need it for my thesis, so i wanted to ask if there is a possibility too use a filter for windows so i can see all connections from windows to windows
asked 22 Dec '15, 23:40
It is not possible to see only the traffic for Windows to Windows because there are no filters in wireshark for OSes but if you capturing from live wire and you are allowed to scan the network you can use nmap first to find out IP address of all windows host and then use capture filter to capture traffic for only windows endpoints.
with nmap you can find the OS of the machine by using following command
Then you can use the capture or display filters for to display the traffic of windows endpoints
sorry for my bad English
answered 24 Dec '15, 10:36