 | 1 | initial version |
Simply put, you can only capture network packets that passes the point in the network where you do the actual capturing. See also CaptureSetup
So to capture all traffic from/to a website either run the capture on the webserver itself or at a point in the network where you know for sure all traffic passes (e.g. using a tap).
Probably the easiest way it to log in on the webserver, do the capture locally (using dumpcap, tcpdump, etc.) and when finished transfer the pcap to the computer where you can then analyse it, with Wireshark.
Think of 'remote capturing' as a last resort option only, because the network traffic is then send over the wire twice...
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
