How to Perform Sniffing in Wireshark?
In this section, we will see a detailed step-by-step process to perform Sniffing in Wireshark Tool.
Step 1: Open Wireshark Window
Open your Wireshark tool in a new window or a Linux virtual machine. and begin network capture. Assume we are capturing wireless fidelity (Wi-Fi Traffic).
Step 2: Start the Wireless Fidelity
Open Wireshark, select your Wi-Fi interface and start capturing packets. Engage in network activities, stop the capture, and analyze the captured packets for network insights.
Step 3: Filter the HTTP Packets
Wireshark has recorded some packets, but we’re looking for HTTP packets in particular. So we use some command in the display filter bar to find all of the captured HTTP packets—the green bar in the image below shows where we applied the filter.
http
Step 4: Filter other Vulnerable Packets
Apply Wireshark filters to focus on specific vulnerable packets: filter by Telnet, TCP, UDP, HTTP, SMTP, NNTP, POP, or FTP protocols to identify and analyze potential security issues in the captured network traffic.
tcp.port == 80 || udp.port == 80
In the below output screenshot, you can see that we have filtered FTP packets.
ftp
wireshark sniffing and spoofing
Wireshark is an open-source packet analyzer that enables real-time data inspection. It enables network sniffing, which analyzes traffic for device communication insights. The ethical and legal implications of network sniffing are discussed, emphasizing responsible usage. Spoofing, a manipulation of network data, can compromise network security through techniques like ARP, DNS, and IP spoofing.
Contact Us