Wireshark-users: Re: [Wireshark-users] Newb question please

From: "Jack D. Slater" <theilliniguy@xxxxxxxxx>
Date: Wed, 11 Jun 2008 22:47:14 -0500
Title: Newb question please
Thanks for the help, John.


From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sheahan, John
Sent: Wednesday, June 11, 2008 9:58 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Newb question please

I would just run the capture without a filter to collect all the data. Then you can apply a display filter when you view it to narrow it down to things like:

 

  1. just packets sent from your IP Address
  2. all HTTP packets sent from your IP address

 

That should give you most of what’s going on. I would shut down all applications on the machine that aren’t needed prior to doing your capture to cut down on application traffic that you are already aware of unless you want to see that too.

 

john
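An added example, not part of the original thread: a Python sketch of what the two suggested views do, roughly the Wireshark display filters `ip.src == 192.168.1.10` and `ip.src == 192.168.1.10 && http`, run over a capture file. The address 192.168.1.10, the helper names and the three sample packets are constructed for illustration, and only classic little-endian pcap with Ethernet/IPv4/TCP is handled.

```python
import socket
import struct

MY_IP = "192.168.1.10"  # constructed: stands in for "your IP address"

def frame(src, dst, dport, payload=b""):
    """Build one constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def pcap(frames):
    """Wrap frames in a classic little-endian pcap file (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def outbound(data, my_ip):
    """Yield (dst_ip, dst_port, url_or_None) for each TCP packet sent from my_ip."""
    pos = 24  # skip the pcap global header
    while pos + 16 <= len(data):
        caplen = struct.unpack_from("<I", data, pos + 8)[0]
        pkt = data[pos + 16: pos + 16 + caplen]
        pos += 16 + caplen
        if len(pkt) < 54 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # too short, or not IPv4/TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4  # TCP header starts after the IP header
        if len(pkt) < tcp + 20 or socket.inet_ntoa(pkt[26:30]) != my_ip:
            continue  # truncated, or not sent from my_ip
        dport = struct.unpack_from("!H", pkt, tcp + 2)[0]
        lines = pkt[tcp + (pkt[tcp + 12] >> 4) * 4:].split(b"\r\n")
        parts = lines[0].split(b" ")
        url = None
        if len(parts) == 3 and parts[2].startswith(b"HTTP/"):  # HTTP request line
            host = next((l[5:].strip() for l in lines if l.lower().startswith(b"host:")), b"")
            url = (host + parts[1]).decode("ascii", "replace")
        yield socket.inet_ntoa(pkt[30:34]), dport, url

SAMPLE = pcap([  # constructed capture: HTTP request, non-HTTP traffic, inbound reply
    frame(MY_IP, "198.51.100.7", 80, b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    frame(MY_IP, "203.0.113.9", 443, b"\x16\x03\x01"),
    frame("198.51.100.7", MY_IP, 49152, b"HTTP/1.1 200 OK\r\n\r\n"),
])

if __name__ == "__main__":
    for row in outbound(SAMPLE, MY_IP):
        print(row)
```

The output lists destinations and, for HTTP requests, the requested URL; nothing in the capture identifies the program that sent each packet.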

 


From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jack D. Slater
Sent: Wednesday, June 11, 2008 10:54 PM
To: 'Community support list for Wireshark'
Subject: Re: [Wireshark-users] Newb question please

 

Do I do this by running the capture? Any specific filter I should use to narrow the scope?

 


From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sheahan, John
Sent: Wednesday, June 11, 2008 8:37 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Newb question please

You can see exactly what URLs your machine is going to and the IP addresses and ports that other applications are accessing, but I don’t know of any way to tie a destination URL, for instance, to the spyware program that is telling it to go there (as an example).

 


From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jack D. Slater
Sent: Wednesday, June 11, 2008 8:34 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Newb question please

 

 

Thanks in advance for helping.

Can I use Wireshark to tell me what traffic, from what program, is outbound over my network and/or PC to the Internet?

If so, what's the best way?

Thanks again!

No virus found in this incoming message.
Checked by AVG.
Version: 8.0.100 / Virus Database: 270.2.0/1497 - Release Date: 6/11/2008 8:32 AM
