Wireshark only shows local computer?

asked 2020-09-22 05:05:04 +0000

Hi,

Currently trying to understand a bit more wireshark but im only seeing traffic on my computer and not the whole LAN on my test lab, as i currently running the wireshark on promiscuous mode, cable direct to the switch. I even bought myself a Dualcomm DCSW-1005PT which connected my PC running Debian on port 5 then the LAN cable on port 1 on the dualcomm to then to the switch

Not sure what i missed?

wireshark running 3.5

https://i.imgur.com/PBQ7AoT.png

https://imgur.com/A22Wg5U.png Thank you

answered 2020-09-22 05:48:09 +0000

Jaap

13730 ●684 ●115

What you've missed is studying this page on how switches make networking more efficient, but harder to monitor the complete network at the same time. It also contains some info on how to make traffic available for capture, your Dualcomm is one of the options implementing that for a single link.

edit flag offensive delete link

Comments

Thank you for the reply, the page really help, so if i understood correctly the TAP that i have can only monitor one or 2 devices connected to the TAP switch and not the whole network. The only way i monitor the network if i port mirror the switch? i did read another way is to use arp poising but as its says only on my test LAN network, so if i wanted to see if there is nothing fishy going on or no flowing http passwords, how could i check without disturbing the network? as i only see the option is the port mirroring?

killmasta93 ( 2020-09-23 03:41:52 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Wireshark only shows local computer?

1 Answer

Comments

Your Answer

Question Tools

Stats

Wireshark only shows local computer? edit

1 Answer

Comments

Your Answer

Question Tools

Stats

Wireshark only shows local computer?