Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to use wireshark simply

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)05/31 Report--

This article mainly analyzes the relevant knowledge points of how to use wireshark simply, the content is detailed and easy to understand, the operation details are reasonable, and has a certain reference value. If you are interested, you might as well follow the editor to have a look, and follow the editor to learn more about "how to use wireshark simply".

The ideal access environment for wireshark is hubs, but now there are basically no pure hubs on the market, and now the so-called hubs in the market are mostly small exchanges and so on. As we all know, the traffic of the switch router is sent to the destination port, that is, the destination port will only receive packets destined for itself, while the hub broadcasts packets to all ports in the entire broadcast domain, so it is ideal to grab packets on the hub.

When grabbing packets, wireshark can take the way of filtering, only grab the packets that you want to grab, or you can not set filtering, then it will grab all the packets on the network. Among the packets crawled by wireshark, packets from different protocols are highlighted in different colors, and selecting coloring rules in the view of the main menu can manually change the color displayed by each protocol.

After opening wireshark, select interface in capture in the main menu (or select the first icon in the icon below the main menu), select a more active network connection (network card) in the pop-up dialog box, and finally select start. When you want to stop grabbing packets, just select the stop option in capture or the stop icon under the main menu. Then the captured data packets can be analyzed.

If you only need to view one or two of these packets, you can filter the crawled packets, so that it is very convenient to view the packets for a particular protocol. For example, if you enter tcp in the input field of filter:, the crawled data packet only shows the tcp protocol.

Finally, we can save the results of the crawled packets, so that next time we can re-view the results of this time.

(the wireshark I use is 1.10.5)

This article mainly analyzes the relevant knowledge points of how to use wireshark simply, the content is detailed and easy to understand, the operation details are reasonable, and has a certain reference value. If you are interested, you might as well follow the editor to have a look, and follow the editor to learn more about "how to use wireshark simply".

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report