Wireshark/Start

From Wikiversity
Jump to navigation Jump to search

Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to start a network capture.

Readings[edit | edit source]

  1. Wireshark: User's Guide

Multimedia[edit | edit source]

  1. YouTube: HakTip - How to Capture Packets with Wireshark - Getting Started

Preparation[edit | edit source]

To prepare for this activity:

  1. Start Windows.
  2. Log in if necessary.
  3. Install Wireshark.

Activity 1 - Start Wireshark[edit | edit source]

Two different methods for starting Wireshark are available. These include the Start menu and the Run command box.

Method 1 - Start Menu[edit | edit source]

To start Wireshark using the Start menu:

  1. Open the Start menu.
  2. Select All Programs.
  3. Select Wireshark.

Method 2 - Run Command[edit | edit source]

To start Wireshark using the Run command box:

  1. Open the Start menu or press the Windows key + R.
  2. Type Wireshark in the Run command box.
  3. Press Enter.

Activity 2 - Open the Capture Interfaces Dialog Box[edit | edit source]

Three different methods for opening the Capture Interfaces dialog box are available. These include the Capture menu, the Capture Interfaces toolbar button, and the Capture Interfaces keyboard shortcut.

Method 1 - Capture Menu[edit | edit source]

To open the Capture Interfaces dialog box using the Capture menu:

  1. Select the Capture menu.
  2. Select Interfaces.

Method 2 - Capture Interfaces Toolbar Button[edit | edit source]

To open the Capture Interfaces dialog box using the Capture interfaces Toolbar button:

  1. Locate the toolbar button with the help text List the available capture interfaces. This should be the first toolbar button on the left.
  2. Click the Capture Interfaces toolbar button.

Method 3 - Capture Interfaces Keyboard Shortcut[edit | edit source]

To open the Capture Interfaces dialog box using the Capture interfaces keyboard shortcut:

  1. Press <Ctrl> + I.

Activity 3 - Start a Wireshark Capture[edit | edit source]

To start a Wireshark capture from the Capture Interfaces dialog box:

  1. Observe the available interfaces. If you have multiple interfaces displayed, look for the interface with the highest packet count. This is your most active network interface.
  2. Select the interface you want to use for the capture using the check box on the left.
  3. Select Start to begin the capture.

References[edit | edit source]

Retrieved from "https://en.wikiversity.org/w/index.php?title=Wireshark/Start&oldid=2346023"