Wireshark


Capturing Slow Logins

Three options that I have used:

  1. Use an old hub and plug two workstations in. Run Wireshark on PC1 and do the tests on PC2.
  2. If you have a managed switch, you can mirror the ports between two workstations. Run Wireshark on one and log in with the other.
  3. The easiest: run VMware. Run Wireshark on the host and log in with the VMware guest.


Capture Options

How to capture only packets to and from a specific MAC address

Here are my common capture options.

  1. Specify the interface to listen on. If the machine only has one NIC, then this is probably correct by default.
  2. Specify the capture filter. This can be either the MAC address or the IP address of the machine whose traffic you want to capture:
    1. ether host 00:00:00:00:00:00 - capture all traffic of a specific MAC address
    2. host 192.168.1.1 - capture all traffic of a specific IP address
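
The same two capture options from the command line, as an added example that is not part of the original wiki page. The helper names build_capture_filter and capture_host are hypothetical; dumpcap is the capture tool shipped with Wireshark, and the interface name and addresses you pass in are your own.

```shell
# Added example: turn a MAC or IPv4 address into the matching capture filter,
# rejecting malformed input before a capture is started.

build_capture_filter() {
    target=$1
    hex='[0-9A-Fa-f][0-9A-Fa-f]'

    # A MAC address must have exactly six colon-separated octets.
    if printf '%s\n' "$target" | grep -Eq "^$hex(:$hex){5}\$"; then
        printf 'ether host %s\n' "$target"
        return 0
    fi

    # Dotted-quad IPv4 address: four numeric fields, each 0-255.
    if printf '%s\n' "$target" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
        old_ifs=$IFS
        IFS=.
        set -- $target
        IFS=$old_ifs
        for octet in "$@"; do
            [ "$octet" -le 255 ] || {
                echo "invalid IPv4 octet in: $target" >&2
                return 1
            }
        done
        printf 'host %s\n' "$target"
        return 0
    fi

    echo "not a MAC or IPv4 address: $target" >&2
    return 1
}

# capture_host IFACE TARGET OUTFILE
# Captures only the target machine's traffic on IFACE into OUTFILE.
capture_host() {
    iface=$1
    target=$2
    outfile=$3
    filter=$(build_capture_filter "$target") || return 1
    dumpcap -i "$iface" -f "$filter" -w "$outfile"
}
```

Open the resulting file in Wireshark to analyse the login; a malformed address is rejected before dumpcap is ever started.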
