Rookie wireshark question
Hello everyone,
A couple of months ago, I was playing with wireshark. The capture was running smoothly, showing the traffic of my machines, either being TCP or UDP, showing destination IPs, source IPs etc.
I launched it again today, and for some reason it captures only UDP traffic: http://prntscr.com/16chh6m. The captured packets of the screenshot are supposed to be facebook and youtube searches.
I searched the internet but I couldn't find a reason. I even installed the new kali linux 2021.2 .ova file and still had the same results.
Any recommendations and explanations will be gratelly appreciated.
My setup is: 1 windows laptop, 1 windows desktop, 1 kali linux 2021.2 on virtual box, 1 ubuntu 21.1 on virtual box. All connected to the same router via ethernet.
Thank you in advance
Is remote mouse installed? Remote mouse uses UDP ports 2007 and 2008.
All the traffic in your capture is broadcast, have you disabled promiscuous mode on the capture interface?
BigFatCat: Remote Mouse is indeed installed on my laptop. grahamb: It was enabled, I disabled it and is still showing only UDP traffic.
You need promiscuous mode enabled to capture traffic not destined for your machine. What is your capture machine connected to, a switch port, a tap or something else?
Some more questions: