This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

--- disregard...I placed between our switch and gateway and was able to sniff it all ;) ---

it was suggested we use a packet sniffer to discover the root of a trojan spammer behind our firewall, and we have Wireshark Version 0.99.6a (SVN Rev 22276) installed.

Does Wireshark have the ability to analyze the network as a whole, or is it specific to a single device?

asked 10 Feb '12, 09:30

mcrudo's gravatar image

mcrudo
1113
accept rate: 0%

edited 10 Feb '12, 10:50

You might also want to look at getting a newer version of Wireshark. 0.99.6a is really, really ancient.

(11 Feb '12, 02:22) grahamb ♦

Wireshark is a packet analyzer, not a whole network analyzer. Any packets that can be seen by the interface(s) it is capturing on will be available for analysis.

You might want to look at the Wiki Capture Setup page to determine how you want to run your captures.

permanent link

answered 10 Feb '12, 10:10

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Review the documentation "grahamb" provided. If you have Cisco switches, you can configure a SPAN port. You can connect your wireshark machine to this port to monitor all traffic of the network.

I am sure you are able to configure span ports on other vendors; however, I do not know the syntex to complete this.

Good luck

permanent link

answered 10 Feb '12, 10:50

jaz0nj4ckal's gravatar image

jaz0nj4ckal
15112
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×21

question asked: 10 Feb '12, 09:30

question was seen: 3,029 times

last updated: 11 Feb '12, 02:22

p​o​w​e​r​e​d by O​S​Q​A