How To Monitor Network Traffic Using Wireshark

Why Do We Need to Monitor Network Traffic?

Monitoring network traffic can give you valuable insights into your network’s performance.

You will know exactly which devices and programs are using your bandwidth. Through network monitoring, you can know where your computers are connecting and how much data they are sending or receiving.

There are many ways to monitor your network. Here we explain the most common one.

Wireshark, formerly known as Ethereal, is open source software for network monitoring and packet sniffing. Packet sniffing is a network management task, so Wireshark can be considered overkill for simply viewing traffic on your network, but it is free and available for Windows, Linux, and Mac.
1. Open your browser and download the Wireshark installer for your operating system.

If you are on Linux, Wireshark is probably in your distribution’s repositories. Ubuntu and Debian users should install Wireshark with this command:

$ sudo apt install wireshark

2. Run the Wireshark installer and select the default options. The defaults will work in almost every case.

3. Open up Wireshark.

4. Select Edit and then Preferences in the top menu to set one option that you will need.

5. A new window will open. Find Capture in the left side list and select it.

6. The body of the window will shift to display the capture options. Make sure that Capture packets in promiscuous mode is checked. Press OK when it is.

Warning: Using Wireshark in promiscuous mode on a network that you do not own is illegal. Be sure to only do this on your own network.

7. Back on the main Wireshark window, there are two icons that you will need in the main menu. The blue Shark Fin icon starts the Wireshark capture process that records network activity. The red Square stops the capture. You will be able to review and even save the data after the capture. Press the Fin to start.

8. Let the capture run for a bit. If there is something that you have been having a problem with on your network, try to recreate those circumstances. With any luck, Wireshark will capture the moment the problem occurs, and you will be able to take a look at what happened.

9. After you’re satisfied with the amount of info you collected, press the red Square to stop the capture.

10. Take a look at the results. In the top section of the window, you will see the different packets collected by Wireshark. Each one will have an IP address that sent the packet and one that received it. 

You will also see the network protocol of each. When you select one, you will be able to sift through the packet data in the box below. The lowest option on the list generally contains the most “human readable” portion of information. If the packet was encrypted, though, you won’t see much.

11. Keep looking through. Try to use the timestamps to locate the exact moment that your problem occurred. Hopefully, there will be relevant information available. If you want to know more about Wireshark, check out the complete Wireshark tutorial.
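
The review in steps 10 and 11 can also be scripted once a capture has been saved. The following is an added example, not part of the original article: it totals bytes per source address, destination address, and protocol. It assumes the capture was saved in the classic pcap format (not pcapng) from an Ethernet interface; the function names and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter

PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}

def talkers(pcap: bytes) -> Counter:
    """Total on-the-wire bytes per (source IP, destination IP, protocol)."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                      # file written little-endian
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"                      # file written big-endian
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    totals, off = Counter(), 24        # packet records follow the 24-byte header
    while off + 16 <= len(pcap):
        _sec, _usec, caplen, wirelen = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # 14-byte Ethernet header, then IPv4 when the EtherType is 0x0800
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                   # ARP, IPv6, truncated frames: skipped
        ip = frame[14:34]
        src = ".".join(map(str, ip[12:16]))
        dst = ".".join(map(str, ip[16:20]))
        totals[(src, dst, PROTO.get(ip[9], str(ip[9])))] += wirelen
    return totals

def _frame(src, dst, proto, payload_len):
    # Constructed sample: Ethernet + 20-byte IPv4 header + zeroed payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                     proto, 0, bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def sample_pcap() -> bytes:
    """Build a small constructed capture in memory (documentation addresses)."""
    frames = [_frame((192, 168, 1, 10), (203, 0, 113, 5), 6, 100),
              _frame((192, 168, 1, 10), (203, 0, 113, 5), 6, 200),
              _frame((192, 168, 1, 20), (192, 168, 1, 1), 17, 40),
              b"\x00" * 12 + b"\x08\x06" + b"\x00" * 28]   # ARP, ignored
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1559300000 + i, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (src, dst, proto), size in talkers(sample_pcap()).most_common():
        print(f"{src:15} -> {dst:15} {proto:5} {size} bytes")
```

To run it on a real capture, pass the bytes of the saved file to `talkers()`; a host that appears near the top of the list unexpectedly is a good place to start the packet-by-packet review.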

Reviewed by Redbuddy on May 31, 2019