From the course: Wireshark: Malware and Forensics
Capture filters - Wireshark Tutorial
Capture filters
- [Narrator] If I know the type of traffic that I need to filter, I can use a capture filter. When you use a capture filter, I'm going to drop this down. I'll go to options. So capture and options. And then, I did select Wi-Fi 'cause that's the one where- That interface, I will use Wi-Fi. And down below here says capture filter for selected interfaces. Well now I'm going to click on the bookmarks and see the capture filters, and you can see what is available. Now, some of 'em are prebuilt. TCP only, if I were to select that as you can see, TCP pretty standard. Well you know what I want? I just want DNS traffic. Now, I'm just going to just do a little test and see. I want to see how much traffic I'm getting just on DNS, and I'll type DNS. Well now it's red. Now, you think something's wrong with that because it's red. Well, I didn't use a capital letter on the left-hand side. Wonder why. Well, let's take a look. I want to go to the Wireshark Wiki. And now, let's take a look at DNS. Now…
Contents
- Baseline your network (4m 11s)
- Displaying data using filters (3m)
- Creating complex filters (5m 24s)
- Capture filters (3m 18s)
- Using statistics (3m 14s)
- Save, export, and print (6m 28s)
- Coloring rules (3m 55s)
- Using a ring buffer (4m 24s)
- Challenge: HTTP packets (39s)
- Solution: HTTP packets (1m 27s)
- Challenge: Firewall rules (1m 27s)
- Solution: Firewall rules (3m 37s)