This is our old Q&A Site. Please post any new questions and answers at

This is probably been asked, but I cannot find it. I am looking to move an application servers from on-prem to AWS. I am trying to determine all the IP addresses and on what ports that are hitting this server so I can setup our firewalls and the security groups accordingly. I need to run a survey for about 24 hours to get a good idea of all the endpoints and ports.

I have tried setting the capture settings to only capture 64b of data and recreate a new file every 10 minutes. When Wireshark does not crash after about 2 hours, it is generating a lot of files and using a chunk of disk space. It is also going to be something of a pain to analyze. Does anyone have a better way of doing this?

asked 08 Jun '17, 05:49

NDanger69's gravatar image

accept rate: 0%

Yes. See this blog post I wrote:

Also, if you're looking at what ports that server is hosting services on, why not run a "netstat" command on the server itself to check which ports are open? Or, if you can't do that, run an nmap scan against the server IP to see which ports are in service?

permanent link

answered 08 Jun '17, 06:09

Jasper's gravatar image

Jasper ♦♦
accept rate: 18%

edited 08 Jun '17, 06:11

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 08 Jun '17, 05:49

question was seen: 696 times

last updated: 08 Jun '17, 06:11

p​o​w​e​r​e​d by O​S​Q​A