The common question of all users is How to use Wireshark for Packet Sniffing. They want to know the complete step by step guide. So, we have brought this article.
This article is about how to use Wireshark for Packet Sniffing. With the help of this article, you can easily capture the packets of date from the network easily. Capturing Packets of data using Wireshark is very easy.
This article is only for educational purposes. Use this tool only for Ethical Hacking purposes. If you will misuse this tool and this knowledge, Ethical Hacking Tool will not be responsible for your acts. We do not support any illegal activity.
- Step 1: Opening Wireshark
- Step 2: Selecting the type of Network you want to capture
- Step 3: Collecting all data packets from the network
- Saving the captured data packets
- 1. Capturing Specific Data Packets using the Capture Filter
- 2. Displaying specific packets using Display Filter
How to use Wireshark?
In this article, we will see the complete step by step guide to learn how to use Wireshark for Packet Sniffing. We are again warning you to use this knowledge and tool only for ethical hacking.
Here are all the steps that you need to follow carefully in order to collect all packets of data from the network easily. We will recommend you collect data packets of your own network for testing purposes. Never collect data packet from anyone’s network without their permission. Otherwise, it will be a Cyber Crime.
Step 1: Opening Wireshark
The first step is to open the Wireshark. For opening this tool, you will have to type wireshark in your terminal.
After typing this and hitting the enter key, you will see the Wireshark tool with GUI.
Step 2: Selecting the type of Network you want to capture
In the Wireshark tool, you will have to select the Network you want to capture. We are selecting eth0 because our network interface is an ethernet connection.
Now, you will have to click on the start button. The start button is in the look of the fin of a shark in blue color on the top left side of this tool.
Step 3: Collecting all data packets from the network
Now, you will see a new screen, here you will see a lot of thing happening. Do not worry. The first part of the screen is the complete packet list on that network. The second part of the screen is the packet details, it will shoe the details of single packet. The last part of the screen show the packet in its raw form.
In this step, all the packets from that network will be captured. Now, we will proceed to the next stop.
Saving the captured data packets
In the process of learning how to use Wireshark, saving the captured data is necessary. So, it is time to save all the captured data packets. Before saving the captured data packet, you will have to stop the capturing process. You will have to click on the stop button to stop the capturing process. The stop button is a red squared box next to the start button.
After stopping the capturing process, you will have to save the captured data packets. For saving, you will have to click on the ‘File‘ option. Here, you will see the ‘Save as‘ option. Select it and save it in the .pcap format.
Congratulation! You have successfully captured all the data packets from your network. But, if you want to capture only specific data packes, then you will have to follow some more steps.
Filters in Wireshark
You will see the use of all filters of Wireshark in this section.
1. Capturing Specific Data Packets using the Capture Filter
In order to collect specific data packets, you will have to apply the filter before starting the process. Just click on the Capture option from the top section. It is a gear-shaped icon.
After that, you will have to specify the host from which you want to capture the data in the Capture Filter Form and select the filter by clicking the green icon. The green icon is just before the Capture Filter Form.
Now, you can start your process to capture data packets from a specific host. This was the use of Capture filter. Now, we will see a brief use of the Display filter.
2. Displaying specific packets using Display Filter
Using this amazing filter, you can see only specific packets during the process of capturing data packets. Follow the given steps to use this filter.
Click on the Expressions button that is located on the top right side on the screen. You can use this filter easily during capturing data packets. Select the required filter and click on the OK button.
Now, you will only see specific data packets on your screen. It will not affect the capturing of data packets. So, you can use it without any problem.
This was the complete guide on How to use Wireshark.
Conclusion: How to use Wireshark
In conclusion, we hope that you have got the complete information on how to use Wireshark. Now, you can use Wireshark easily. Always use this tutorial for penetration testing and legal purposes. If you will misuse it, Ethical Hacking Tool will not be responsible for your acts.
Drop a comment below to share your opinion on How to use Wireshark. If you have any questions, you can ask us in the comment section. Share this article in your circle to tell them how to use Wireshark.
We also write articles on user demand, you can also request for articles in this section for free. Do not forget to subscribe to our free newsletter and enable push notifications.
You can also read these articles:
- Learn using Hydra: Best Online Brute Force Attack Tool
- How to get WiFi password using Aircrack-ng in Kali Linux
- Learn Facebook Account Hacking using Local Hosting
- What is Packet Sniffing in Network Security?