You can also install the tool on a server and use a capture filter to limit captured traffic to a specific workstation. For example, you can connect a laptop running the sniffer to a port on a full-duplex “aggregating” switch. This might not be a bad time to mention that you can run Wireshark in many different configurations. Now you might ask “how am I going to capture network traffic before I even log on” given that in our examples so far, you’ve been running Wireshark on the PC itself, and need to be logged on to start the program. (The actual traffic in any given network will vary depending on many factors, so although the protocols and sequences mentioned here are fairly typical, they probably will not match exactly what you see on your network.) One of the areas that always seems to interest users and administrators alike is logging on, so let’s take a look at some of the traffic types that can occur when a user logs on to a Server 2003 or 2008 domain. Now I’d like to turn our attention to some Windows-specific issues. Last week we looked at a number of introductory issues on using the Wireshark tool.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |