Sniffing specific application traffic.

asked Jan 25 '0

Jason Long

Hello. In Linux or Windows OS, I have a lot of programs that use the internet and the local network, and I can't close them. How can I sniff a specific application's traffic with Wireshark?

Thank you.


2 Answers


answered Feb 2 '0

kaos

Use Microsoft's Network Monitor or Microsoft Message Analyzer to capture packets for a specified process, save the capture to a file, then use Wireshark to analyse the trace.

It's like "use IE to d/l FF" :-)


answered Jan 25 '0

grahamb

You can't. What you can do is set Capture Filters to restrict the captured traffic to that of interest, usually by means of local and remote port and remote host names.

If the applications are all sharing the same local port, remote port and remote IP\hostname then there might not be much that can be done.


Comments

Thanks, but how can I find the application port? For example, I'm running a torrent and a Telegram messenger and want to sniff Telegram.

Jason Long ( Jan 25 '0 )

You use something like Google and "which port for Telegram". I found this which says a number of ports are used.

grahamb ( Jan 25 '0 )

Start cmd.exe as admin and use the command 'netstat -ab' to list all connections and corresponding executable names.

SomeRando ( Feb 2 '0 )
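
The two suggestions in this thread (list connections per executable with netstat, then restrict the capture with a capture filter) can be combined. The following is an added example, not part of the original thread: it assumes numeric `netstat -abn` output (the `-n` switch is an addition to the command quoted above), and the sample output, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of `netstat -abn` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.0.2.10:49712       203.0.113.51:443       ESTABLISHED
 [Telegram.exe]
  TCP    192.0.2.10:49800       198.51.100.7:6881      ESTABLISHED
 [qbittorrent.exe]
  UDP    0.0.0.0:50001          *:*
 [Telegram.exe]
  TCP    [::1]:49900            [::1]:5000             ESTABLISHED
 Can not obtain ownership information
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\d+|\*)(?:\s+\S+)?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")   # e.g. " [Telegram.exe]"

def connections_by_process(text):
    """Map executable name -> [(proto, local_port, remote_ip, remote_port)]."""
    owners, pending = {}, None
    for line in text.splitlines():
        if m := CONN.match(line):
            pending = m.groups()          # remember until the owner line arrives
        elif (o := OWNER.match(line)) and pending:
            proto, _, lport, rip, rport = pending
            owners.setdefault(o.group(1).lower(), []).append(
                (proto.lower(), lport, rip.strip("[]"), rport))
            pending = None                # unowned connections are never attributed
    return owners

def capture_filter(conns):
    """Build a libpcap capture filter matching only the given connections."""
    terms = []
    for proto, lport, rip, rport in conns:
        if rport in ("*", "0"):           # listener / unconnected UDP: local port only
            terms.append(f"({proto} port {lport})")
        else:
            terms.append(f"({proto} port {lport} and host {rip} and port {rport})")
    return " or ".join(sorted(set(terms)))

print(capture_filter(connections_by_process(SAMPLE)["telegram.exe"]))
```

The resulting string goes into Wireshark's capture filter field. It only covers connections that existed when netstat ran, so connections the application opens later from new local ports are not captured.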


Stats

Asked: Jan 25 '0

Seen: 9,273 times

Last updated: Feb 02 '20