Before we start using Wireshark, let's first install it. Installing Wireshark on Linux is super easy. Just run the following command:
sudo apt-get install wireshark
For Windows users, you will have to download Wireshark from here and then install it.
Once Wireshark is installed, we can start using it. When you fire up Wireshark, you first need to choose the interface whose traffic you want to capture: wireless, Ethernet, etc.
If you are not sure about your interface, just type ipconfig (for Windows) in the command line and see which interface you are currently using to browse the web. After selecting the interface, click the Capture packet button in the toolbar.
Once you have clicked the capture button, you will see a flood of seemingly random data in the Wireshark dashboard. This is your network traffic. Some elementary ways to filter traffic:
To filter by IP address, type ip.addr == xxx.xx.xx.xx in the Apply a display filter field.
To filter by protocol (DNS requests etc.), just type the protocol name in the Apply a display filter field.
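What these two filters select, shown as an added example that is not part of the original tutorial: the Python code below builds a small constructed capture in memory and applies the same selection logic to it. The addresses, the helper names and the approximation of the dns filter as "TCP or UDP port 53" are assumptions made for illustration.

```python
import socket
import struct

def make_packet(src, dst, proto, sport, dport):
    """Build a constructed Ethernet/IPv4 frame with a minimal 8-byte port header."""
    eth = b"\x00" * 12 + b"\x08\x00"                 # dst MAC, src MAC, EtherType IPv4
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + l4

def make_pcap(packets):
    """Wrap frames in a classic little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, pkt in enumerate(packets):
        out += struct.pack("<IIII", i, 0, len(pkt), len(pkt)) + pkt
    return out

def read_packets(pcap):
    """Yield (src, dst, ip_proto, sport, dport) for each IPv4 frame in the capture."""
    offset = 24                                      # skip the 24-byte global header
    while offset < len(pcap):
        _, _, incl_len, _ = struct.unpack_from("<IIII", pcap, offset)
        frame = pcap[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        if frame[12:14] != b"\x08\x00":
            continue                                 # not IPv4
        ihl = (frame[14] & 0x0F) * 4                 # IPv4 header length in bytes
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        yield src, dst, frame[23], sport, dport

def filter_ip_addr(pcap, addr):
    """Like `ip.addr == addr`: keep packets where source OR destination matches."""
    return [p for p in read_packets(pcap) if addr in (p[0], p[1])]

def filter_dns(pcap):
    """Approximation of the `dns` filter: TCP (6) or UDP (17) on port 53."""
    return [p for p in read_packets(pcap) if p[2] in (6, 17) and 53 in (p[3], p[4])]

# Constructed sample capture using documentation addresses (RFC 5737).
SAMPLE = make_pcap([
    make_packet("192.0.2.10", "198.51.100.53", 17, 40000, 53),   # DNS query
    make_packet("198.51.100.53", "192.0.2.10", 17, 53, 40000),   # DNS response
    make_packet("192.0.2.10", "203.0.113.80", 6, 40001, 80),     # HTTP
    make_packet("192.0.2.20", "203.0.113.80", 6, 40002, 443),    # another host
])
```

Note that filtering on 192.0.2.10 returns the DNS response as well, because ip.addr matches either direction of a conversation.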
You can save the captured traffic data using the following steps:
Note: For this tutorial save the file in