How to capture packets using Wireshark

From Kolmisoft Wiki
Revision as of 14:29, 17 November 2011 by Admin (talk | contribs)

Wireshark is the world's foremost network protocol analyzer.

It lets you capture and interactively browse the traffic running on a computer network. More about Wireshark

Install

To install Wireshark, run this command in a terminal:

yum install wireshark

Usage

After that, you can save a dump of packets with this command:

tethereal -i eth0 -w /home/capture.pcap

Packets will be saved to the file /home/capture.pcap

You can then copy the captured file capture.pcap from your server, open it in the Wireshark GUI, and analyse the packets.
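A time-limited capture written to an owner-only file, plus a format check to run before copying the file off the server. This is an added example, not part of the original wiki page. It uses tshark (the current name of tethereal); the function names, the 60-second duration and the sample filter are assumptions.

```bash
#!/bin/sh
# Added example, not from the original page. Assumes tshark is installed
# and the script runs with enough privilege to capture on the interface.

# capture_to IFACE FILE SECONDS [CAPTURE_FILTER]
# Stops automatically after SECONDS so an unattended capture cannot fill
# the disk, and keeps the dump (which may hold credentials and call data)
# readable by its owner only.
capture_to() {
    iface=$1
    out=$2
    secs=$3
    filter=${4:-}
    (
        umask 077    # applies to newly created files only
        if [ -n "$filter" ]; then
            tshark -i "$iface" -a "duration:$secs" -f "$filter" -w "$out"
        else
            tshark -i "$iface" -a "duration:$secs" -w "$out"
        fi
    ) && chmod 600 "$out"    # also tightens a pre-existing file
}

# pcap_kind FILE
# Prints the capture format found in the first four bytes of FILE and
# returns non-zero if it is not a capture file (empty or wrong file copied).
pcap_kind() {
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo "pcap" ;;        # classic libpcap
        4d3cb2a1|a1b23c4d) echo "pcap-nsec" ;;   # libpcap, nanosecond stamps
        0a0d0d0a)          echo "pcapng" ;;      # default in newer tshark
        *)                 echo "unknown"; return 1 ;;
    esac
}

# Typical use (constructed values):
#   capture_to eth0 /home/capture.pcap 60 "host 192.0.2.10"
#   pcap_kind /home/capture.pcap
```

Wireshark opens all three recognised formats, so a result of "unknown" means the file should be recaptured rather than transferred.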

You can analyse network packets in real time on the server using this command:

tshark

More options for the tshark command can be found here.