[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 88
  • Last Modified:

Wireshark question

Im new to Wireshark. On my server im able to get on the network but unable to browse the internet. Our network team has verified 2 way communication with the websites, such as yahoo and msn when I try to reach them.

It seems something is blocking at server. The firewall is off and im able to telnet port 80. So I want to do a capture of internet traffic using only port 80. Can someone provide step by step instructions for this?
0
Thomas N
Asked:
Thomas N
1 Solution
 
Elango SathyadevSenior Systems EngineerCommented:
Best way is to use Wireshark. So first install wireshark.  Can use a potable version if you want.

Wireshark can be downloaded from

https://www.wireshark.org/download.html

Make sure Winpcap is installed with it. With Winpcap, wireshark cannot capture packets.

Once installed, server must be restarted.

Once you restart, start up WireShark

Method 1: Enter port 80 or port http in capture filter and select the interface to start capturing.

Method 2: For more detailed analysis capture everything and filter the traffic. Leave capture filter empty and start capture by selecting the interface. Then you should be able to see traffic flowing. on the top, there should be display filter, try entering as tcp.port eq 80. This will filter HTTP Traffic.

More display filters are available in the Wiki Page https://wiki.wireshark.org/DisplayFilters
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now