Ask Your Question

catching EVERY packet going to a website

asked 2022-06-04 17:16:10 +0000

linuxbegginer gravatar image


according to Wireshark information:

Wireshark can capture traffic from many different network media types, including Ethernet, Wireless LAN, Bluetooth, USB, and more. The specific media types supported may be limited by several factors, including your hardware and operating system. An overview of the supported media types can be found at

so I have some questions:

  1. Can I capture packets from another network? I tried and failed but is there a way to do that?
  2. Given a website IP address (let's assume we have only one IP address), Can I catch every packet that sends to that website?
  3. I read about ssh-ing to a VM which in terms can capture packets (e.g
  4. Does the questions above depend on the server which runs a website? (e.g: GitHub pages, amazon hosts, Wix, etc.)
edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted

answered 2022-06-04 21:17:11 +0000

André gravatar image

Simply put, you can only capture network packets that passes the point in the network where you do the actual capturing. See also CaptureSetup

So to capture all traffic from/to a website either run the capture on the webserver itself or at a point in the network where you know for sure all traffic passes (e.g. using a tap).

Probably the easiest way it to log in on the webserver, do the capture locally (using dumpcap, tcpdump, etc.) and when finished transfer the pcap to the computer where you can then analyse it, with Wireshark.

Think of 'remote capturing' as a last resort option only, because the network traffic is then send over the wire twice...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2022-06-04 17:16:10 +0000

Seen: 561 times

Last updated: Jun 04 '22