First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

capture data of a device on network

  • retag add tags

I'm new to wireshark. please answer my question..., can i use wireshark to capture data of another device on the same network..?? what i have seen is wireshark can only capture data of the PC port that it is running on. i mean if i have two net ports and both connected to network. on thsi same PC i can run wireshark and select my net port to capture datat in and out of this port BUT my project is to capture data in and out of another device on the same network. i don't remember seeing a field in wireshark that allows you to enter OR select an IP of a device that you want to capture data of. please let me knwo if it is possible with wireshark and if yes then how.... thank you...

smaqsood's avatar
1
smaqsood
asked 2018-03-18 03:23:46 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

1

The key is to deliver the data of that device to the PC port you use for capturing. The Wireshark wiki lists all the possible ways to do that.

sindy's avatar
6.2k
sindy
answered 2018-03-18 08:26:22 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Data can't be directed to PC port. That device on LAN is running some online application and I'm interested in capturing data that is flowing between this device and net. I can't install Wireshark on that device. It has to be done on PC on same LAN running Wireshark.

smaqsood's avatar smaqsood (2018-03-18 09:33:32 +0000) edit
more
  • delete

That does not change the relevance of my answer. The only way to capture a traffic is to make it, or a copy of it, appear at the capturing interface. The wiki article I've referred to describes the possible ways of doing so, and running wireshark (or tcpdump) directly on the device of interest itself is just one of them.

You may have to add or replace some hardware in your LAN if the existing one cannot provide traffic mirroring.

sindy's avatar sindy (2018-03-18 11:53:57 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer