Results 1 to 2 of 2

Thread: Wireshark/Ethereal

  1. #1

    Question Wireshark/Ethereal

    Does Wireshark/Ethereal allow you to sniff the traffic of a specific IP on your network? I can select an interface, but only those local to the system on which Wireshark/Ethereal is installed. I'd like to browse to other IPs on the network and isolate traffic from that IP.

    Can this be done with Wireshark/Ethereal? If so, can you please explain how? If not, I am open to recommendations on sniffers that offer this feature.

    Thank you in advance.

    MB

  2. #2
    Switching & Routing Nerd cchooper's Avatar
    Join Date
    Oct 2003
    Location
    Southern Oregon
    Posts
    245
    In Ethereal you can filter your results by many variables, including by IP address. However, due to the nature of being on a switched network the only data you will capture from a typical node is data destined for (or originating from) your machine, and broadcast data, such as ARP packets and UPNP data.

    I did a quick Google and what you ARE able to do is run "tshark" (the terminal-based version of Wireshark) on a remote machine (assuming you have access to said machine) and then later import the dump file into Wireshark.

    If you have access to the remote machine you are trying to get data from and it is POSIX-based (Linux, BSD, etc) then look into tcpdump.
    Hacking router firmware since 2005

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •