I would just run the
capture without a filter to collect all the data. Then you can apply display
filter when you view it to narrow it down to things
like:
- just packets sent from your IP
Address
- all HTTP packets sent from your IP
address
That should give you
most of what’s going on. I would shut down all applications on the machine that
aren’t needed prior to doing your capture to cut down on application traffic
that you are already aware of unless you want to see that
too.
john
From:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jack D. Slater
Sent: Wednesday, June 11, 2008 10:54
PM
To: 'Community support list
for Wireshark'
Subject: Re:
[Wireshark-users] Newb question please
do I do this by running
the capture? any specific filter I should use to narrow the
scope?
From:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sheahan, John
Sent: Wednesday, June 11, 2008 8:37
PM
To: Community support list
for Wireshark
Subject: Re:
[Wireshark-users] Newb question please
You can see exactly
what URL’s your machine are going to and the IP addresses and ports that other
applications are accessing but I don’t know of any way to tie a destination URL
for instance to the spyware program that is telling it to go there (as an
example).
From:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jack D. Slater
Sent: Wednesday, June 11, 2008 8:34
PM
To:
wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Newb question
please
Thanks in advance for
helping.
Can
I use Wireshark to tell me what traffic, from what program, is outbound over my
network and/or PC to the Internet?
If
so, what's the best way?
Thanks again!
No
virus found in this incoming message.
Checked by AVG.
Version: 8.0.100 /
Virus Database: 270.2.0/1497 - Release Date: 6/11/2008 8:32
AM
