Can I easily use Wireshark installed on a Windows SBS 2003 server to capture traffic sent and received from the server (IP 192.168.1.10) to and from the internet. I want to eaily hide the traffic sent to other 192.168.1.x systems since they are internal. Woudl also like to then hide traffic to and from known applications or services on my system, such as logmein, exchange SMTP port 25 packets, etc. I am trying to identify what is utilizing too much internet bandwidth and possibly somehting not authorized on my server. Thanks! This question is marked "community wiki". asked 06 Oct '11, 13:50 NeedWireshar... |
One Answer:
You'll need to verse yourself in capture filters first. So have a look here and try to work up a capture filter expression to put into the Wireshark capture options dialog. Then check if that's the result you're after. Once refined you can take that capture filter and stick it on the dumpcap command line, which allows you longer term capture, if that's what you need. This has been covered in many places already. answered 06 Oct '11, 23:46 Jaap ♦ |