How To Use Wireshark Capture

During the capture wireshark will show you the packets that it captures in real time.

How to use wireshark capture. To begin capturing packets with wireshark. Wireshark is a network protocol analyzer that can be installed on windows linux and mac. Once you click this button wireshark will start the live capture process. A pop up window will show up. Select the nic you wish to collect a capture on and click start to begin the capture.

Or you could use the keystroke control e. Select one or more of networks go to the menu bar then select capture. Click on capture interfaces. Browse for the downloaded file and select to open it. For example if you want to capture traffic on your wireless network click your wireless interface.

If you want to stop capturing click the red stop button next to the shark fin. Identify the nic you want to conduct the capture on and uncheck the promiscious checkbox. It provides a comprehensive capture and is more informative than fiddler. To save your captures click on file then select save. Wireshark i eth0 k you can also use the shark fin button on the toolbar as a shortcut to initiate packet capturing.

Click on file then open in wireshark. Wireshark can also open your own saved captured file. In wireshark click on the capture options icon. After downloading and installing wireshark you can launch it and double click the name of a network interface under capture to start capturing packets on that interface. Open your internet browser.

Switch to the options tab and uncheck resolve mac addresses return to the input tab. To select multiple networks hold the shift key as you make your selection. Click the first button on the toolbar titled start capturing packets you can select the menu item capture start.