How do you use WireShark?

Discussion in 'Computer Games and General Discussion' started by SifJar, Dec 26, 2009.

  1. SifJar
    OP

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    I have a program which downloads something from the internet, and I want to find out where it downloads it from. I did a little research and found that the program to do this with was Ethereal. However, I then found it was discontinued and that WireShark was a continuation of the project or something similar. So I downloaded and installed WireShark Portable, and now I want to know, how do I use it? I just want to be able to see where the earlier mentioned program downloads the file from, can anyone tell me how to do this, or point me in the right direction please?
     
  2. Super Mario

    Super Mario Newbie

    Newcomer
    6
    0
    Dec 14, 2009
    United States
  3. SifJar
    OP

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    Is there no way to just monitor one program's internet access without monitoring the whole network?

    EDIT: And also without buying anything, and on Windows? I don't want to monitor the network, I just want to see the address to which the program connects to download from. If there is another program better suited than WireShark, can someone advise me of this?
     
  4. SifJar
    OP

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    I ended up using Proximodo to monitor the program's downloads if anyone is interested, and it worked brilliantly.
     
  5. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,363
    9,165
    Nov 21, 2005
    Even simpler version: use a good firewall and turn it up to super paranoid mode. The popups generated usually contain all the necessary info.

    Even "simpler" version: use a hex editor, not foolproof but most web sites an app might access are usually encoded in the exe file in plain ASCII. Obviously compression, encryption, dynamic/generated links and the like will frustrate this. No need to go to unpacking apps though as the firewall/monitoring software works just as well.
     
  6. SifJar
    OP

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    Proximodo was pretty simple once I figured out that it was what I needed, but I never thought of opening the exe in a hex editor...I'll remember that for future.

    EDIT: opening the exe with a hex editor would have been easier, I tried it and found the address in seconds. Oh well, I'll know for again. Although I think Proximodo was simpler than setting up/configuring a firewall.