How to snif packets of another pc in my network??

How to snif packets of another pc in my network??
Who is Participating?
Steve JenningsConnect With a Mentor IT ManagerCommented:
1) If the PC you want to sniff is plugged into a hub (likely, it is not) then simply plug your PC running wireshark into the same hub and capture the data.

2) If the PC you want to sniff is plugged into a switch, AND the switch has port mirroring capability you can mirror all of the traffic onto another port and plug your PC into the port you've sent the mirrored traffic into and capture the data.

3) If the switch doesn't have port mirroring capability AND you have a hub, you can cable the PC you want to sniff into the hub, then cable the hub into the switch . . . then plug your PC into the hub and capture data.

4) If you can't do 1, 2, or 3 you will need to download Cain and Able (or a similar product) that allows you to do ARP cache poisoning. This will essentially allow you to be a surreptitious man-in-the-middle.

That said, no offense, but if you can't pull off 1, 2 or 3 you will probably have trouble with the ARP cache poisoning solution. It's a non-trivial task to set up properly and Cain and Able isn't a very user friendly product if you are not more or less network savvy.

Good luck,
Kamran ArshadIT AssociateCommented:

Nicely mentioned in the above comment. Tell the exact model of your switch. It will help you a lot in checking if it supports port-mirroring. Also you can purchase a hub which can always be useful in such diagnostic purposes. Hub is really very inexpensive these days and you can get one for low price.
Great answer from SteveJ.  I'd just add that if 1, 2 or 3 aren't an option and you feel like attempting 4 then there's some basics of ARP poisoning here:

and an excellent video tutorial at the same site:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.