Wireshark Tutorial (Part 2: Capture Setup)



Hello and welcome back to the Wireshark tutorials.
Today we are going to discuss the basic interface and the simple parts of Wireshark.
By now you should have Wireshark (32-bit or 64-bit) installed along with WinPcap.

Before you start, ensure that you are allowed to capture packets from the network you are working on!
For example, corporate policies or applicable law might prevent you from capturing on the network you’re using!

Starting Wireshark.


This is what you see when you start up. If you get any error, let me know so we can fix it ;)

  1. The network interface used to capture packets.
    Here you can select WLAN/LAN or any other network device.
    Even if you have a virtual machine running for testing environments, like me, you can capture packets on that VM.
  2. Capture options
    Here you can set capture commands. We will get back to that.

The First Capture.

Select your capture card (I’ll be using Wi-Fi) and press Start.
Well done, you are now capturing your own data ;)
You will see a huuuuuge list of numbers, ports and IP addresses.


Let’s take a closer look.

  1. Here you see a connection between my IP and some server over in Japan ;)
    It shows you the following things: time-stamp, source, destination, protocol and the ports.
  2. Here you see that the source is my IP (open CMD and enter “ipconfig”).
    This way you can see all your networks and their IP addresses.
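
To show where those columns come from, here is an added example (not part of the original tutorial and not Wireshark's own code) that pulls source, destination, protocol and ports out of the raw bytes of one frame. The frame, its addresses and the names summarize and SAMPLE_FRAME are constructed for illustration.

```python
import socket
import struct

# Constructed sample (not captured traffic): Ethernet + IPv4 + TCP SYN from
# 192.0.2.10:49152 to 198.51.100.7:443. Checksums are left at zero because
# this example does not validate them.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"   # Ethernet: dst MAC, src MAC, EtherType
    "45000028" "00014000" "40060000"       # IPv4: ver/IHL, length, id, flags, TTL, proto
    "c000020a" "c6336407"                  # IPv4: source, destination
    "c00001bb" "00000000" "00000000"       # TCP: src port, dst port, seq, ack
    "5002ffff" "00000000"                  # TCP: offset/flags (SYN), window, csum, urg
)

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}


def summarize(frame):
    """Return the packet-list fields for one Ethernet frame.

    The time-stamp column is not in the frame itself: the capture library
    records it when the packet arrives, so it is not parsed here.
    """
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:                # only IPv4 is decoded in this example
        return {"protocol": f"ethertype 0x{ethertype:04x}"}
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (ip[0] & 0x0F) * 4               # header length in bytes (options allowed)
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("invalid IPv4 header length")
    proto = ip[9]
    row = {
        "source": socket.inet_ntoa(ip[12:16]),
        "destination": socket.inet_ntoa(ip[16:20]),
        "protocol": PROTOCOLS.get(proto, str(proto)),
    }
    l4 = ip[ihl:]
    if proto in (6, 17) and len(l4) >= 4:  # TCP and UDP both start with the two ports
        row["src_port"], row["dst_port"] = struct.unpack("!HH", l4[:4])
    return row


if __name__ == "__main__":
    print(summarize(SAMPLE_FRAME))
```
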

That’s all, you are now capturing your own traffic!
Stay tuned for the next part, and if you have questions let me know below.