
Sniffing specific application traffic.

asked 2020-01-25 16:06:51 +0000

Hello, in Linux or Windows OS, I have a lot of programs that use the internet and local network, and I can't close them. How can I sniff a specific application's traffic with Wireshark?

Thank you.


2 Answers


answered 2020-02-02 22:36:29 +0000

kaos

Use Microsoft's Network Monitor or Microsoft Message Analyzer to capture packets for a specified process, save the capture to a file, then use Wireshark to analyse the trace.

It's like "use IE to d/l FF" :-)


answered 2020-01-25 18:58:24 +0000

grahamb

You can't. What you can do is set Capture Filters to restrict the captured traffic to that of interest, usually by means of local and remote port and remote host names.

If the applications are all sharing the same local port, remote port and remote IP\hostname then there might not be much that can be done.


Comments

Thanks, but how can I find the application port? For example, I'm running a torrent and a Telegram messenger and want to sniff Telegram.

Jason Long ( 2020-01-25 21:49:20 +0000 )

You use something like Google and "which port for Telegram". I found this which says a number of ports are used.

grahamb ( 2020-01-25 23:55:23 +0000 )

Start cmd.exe as admin and use the command 'netstat -ab' to list all connections and corresponding executable names.

SomeRando ( 2020-02-02 18:27:03 +0000 )
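
The two steps suggested above (list each connection's owning executable with netstat, then restrict the capture by port), as an added example that is not part of the original thread: a Python script that parses `netstat -ab` output and builds a capture filter for one executable. It assumes `-n` is added (`netstat -abn`) so ports are numeric; the sample output, the process names in it and the function names are constructed for illustration.

```python
import re

# Constructed sample of `netstat -abn` output; addresses and process names are made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.168.1.10:49712     198.51.100.20:443      ESTABLISHED
 [Telegram.exe]
  TCP    192.168.1.10:49720     203.0.113.7:51413      ESTABLISHED
 [torrent.exe]
  TCP    192.168.1.10:49731     198.51.100.20:443      ESTABLISHED
 [Telegram.exe]
  TCP    192.168.1.10:49800     192.0.2.9:443          TIME_WAIT
 Can not obtain ownership information
  UDP    0.0.0.0:51413          *:*
 [torrent.exe]
"""

OWNER = re.compile(r"^\s*\[(.+)\]\s*$")  # the "[name.exe]" line that -b prints

def sockets_by_process(text):
    """Map lower-cased executable name -> set of (proto, local_port)."""
    owners, pending = {}, None
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] in ("TCP", "UDP"):
            # Local address is IPv4 "a.b.c.d:port" or IPv6 "[addr]:port".
            pending = (fields[0].lower(), int(fields[1].rsplit(":", 1)[1]))
            continue
        match = OWNER.match(line)
        if match and pending:
            owners.setdefault(match.group(1).lower(), set()).add(pending)
            pending = None
        elif "ownership information" in line:
            pending = None  # owner unknown: do not credit it to the next process
    return owners

def capture_filter(text, exe):
    """Build a capture filter matching the local ports owned by `exe`."""
    socks = sorted(sockets_by_process(text).get(exe.lower(), ()))
    return " or ".join(f"{proto} port {port}" for proto, port in socks)

if __name__ == "__main__":
    print(capture_filter(SAMPLE, "Telegram.exe"))
```

Client-side ports are ephemeral, so the resulting filter only covers connections that existed when netstat ran; connections the application opens later need a fresh listing.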


Stats

Asked: 2020-01-25 16:06:51 +0000

Seen: 292 times

Last updated: Feb 02