03 February 2009

Using WireShark to sniff HTTP packets

WireShark is a pretty powerful tool, especially in detecting certain issues with web apps. To start sniffing packets, follow these steps,
  1. Once you've started WireShark, go to Capture > Interfaces...
  2. Locate your machine's network adapter under the list of interfaces. Click the Options button for that adapter.
  3. In the Capture Options window, click the Capture Filter and enter a name for the filter.
  4. Provide a string for the filter with the IP address of the remote system, ensuring you put host in front of it:
    host 111.111.111.111
  5. Click OK and click Start.
Now you'll see packets between your machine and that specific server. You can also detect traffic on the localhost following these instructions: http://wiki.wireshark.org/CaptureSetup/Loopback.

1 comment:

Anonymous said...

Excellent blog post. I definitely love this site. Keep writing!



Here is my web page :: kostenlos book of ra