Thursday, January 7, 2010

Wireshark Packet Trace

Wireshark Instructions:

Download and install Wireshark for free if you do not already have it:

http://www.wireshark.org/download.html

Open Wireshark. At the top toolbar select "Capture" and then click "Interfaces".



If several interfaces are listed, determine which one is active. It should have an IP address listed and a packet count that is increasing. The number of listed interfaces will vary depending on whether you use Ethernet, WiFi or both.

When you have determined which interface is active, press its "Options" button:



Enter the two host IP addresses into the “Capture Filter” field:

Example: host 192.168.xxx.xxx or 192.168.xxx.xxx



Click the "Start" button, then reproduce the connection by attempting to connect to the network share:

Click Start -> select Run -> enter your "IP Address" in the field as \\192.168.102.107 and press Enter:



Packets will now start to appear in the Wireshark window.



When you are finished capturing packets, stop the capture by pressing the red x at the top left of the screen.



Save the file as example.pcap (pcap format).
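Before passing the saved capture on, it helps to confirm that it really contains the share connection. The script below is an added example, not part of the original post: it parses a classic pcap file, counts packets per host pair and counts TCP packets on the SMB ports (139 and 445). The client address 192.168.102.50 and the sample capture are constructed for illustration.

```python
import socket
import struct
from collections import Counter

SMB_PORTS = {139, 445}  # NetBIOS session service and SMB over TCP

def summarize_pcap(data):
    """Return (packets per IPv4 host pair, TCP packets on SMB ports)."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                      # written on a little-endian machine
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    pairs, smb, off = Counter(), 0, 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                   # truncated frame or not IPv4
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        pairs[tuple(sorted((src, dst)))] += 1
        tcp = 14 + (frame[14] & 0x0F) * 4   # IP header length varies
        if frame[23] == 6 and len(frame) >= tcp + 4:
            if SMB_PORTS & set(struct.unpack("!HH", frame[tcp:tcp + 4])):
                smb += 1
    return pairs, smb

def _frame(src, dst, sport, dport):
    """Constructed Ethernet/IPv4/TCP frame; flags and checksums are dummies."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: client 192.168.102.50 (assumed) and the share host."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (_frame("192.168.102.50", "192.168.102.107", 49152, 445),
              _frame("192.168.102.107", "192.168.102.50", 445, 49152)):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(summarize_pcap(sample_pcap()))
```

To check a real capture, pass `open("example.pcap", "rb").read()` to `summarize_pcap`. A count of zero SMB packets means the capture filter or the chosen interface did not see the share connection.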
