Wireshark is a network protocol analyzer which helps you to
sniff, store and analyze network traffic. It is built on top of tshark but displays everything in a more systematic way . It is available for almost all operating systems. The software consist of various filters which are used to filter specific packets which you want to analyze.
Now whenever you start Wireshark you will have to select an interface for the list of interfaces. This decides that what all traffic you will be able to capture. To capture all the traffic in air with your wireless chip you can select the monitoring mode enabled card. To capture the all the traffic on a specific frequency you can also select your rtl-sdr.
The best thing about Wireshark is that it can be integrated with different types of hardware and software. There are millions of Wireshark filters so you cannot memorize all of them but you can always refer to them whenever you want on https://www.wireshark.org/.
The only way to learn Wireshark is by experimenting. To get a copy you can download form the following link.
tshark-i mon0 |
Now whenever you start Wireshark you will have to select an interface for the list of interfaces. This decides that what all traffic you will be able to capture. To capture all the traffic in air with your wireless chip you can select the monitoring mode enabled card. To capture the all the traffic on a specific frequency you can also select your rtl-sdr.
using mon0 interface. |
The only way to learn Wireshark is by experimenting. To get a copy you can download form the following link.
No comments :
Post a Comment