easy way to extract websites visited from a capture

0

Hi all,

I have always wondered is there an easy way to extract the web pages that have been visited from a capture.

For example let's say I have a 30 min capture of all traffic from a user and I want a simple list of the websites he/she has visited i.e. facebook bbc etc. Is there an easy way to do this in wireshark or with another tool (by feeding in the pcap)?

Regards

J

asked 28 Jun '12, 06:08

j-man9's gravatar image

j-man9
1111
accept rate: 0%

One Answer:
oldestnewestmost voted
0

Sorry all - I found the answer here: http://ask.wireshark.org/questions/7040/how-to-monitor-what-websites-are-visited

Basically: Go to Statistics | HTTP | Load Distribution and type http.host. Now look at the "HTTP Requests by HTTP Hosts". This will show you all the HTTP type traffic coming in and out of your network.

And it works pretty well too! ta

J

link

answered 28 Jun '12, 06:15

j-man9's gravatar image

j-man9
1111
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×3
×1

Asked: 28 Jun '12, 06:08

Seen: 1,963 times

Last updated: 28 Jun '12, 06:15

Related questions

How to monitor what websites are visited

I seem to be having an issue with recovering an html page from wireshark, for a class project!

about | faq | privacy | support | contact

powered by OSQA