How do you use WireShark?

Discussion in 'Computer Games and General Discussion' started by SifJar, Dec 26, 2009.


  1. SifJar
    OP

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    I have a program which downloads something from the internet, and I want to find out where it downloads it from. I did a little research and found that the program to do this with was Ethereal. However, I then found it was discontinued and that WireShark was a continuation of the project or something similar. So I downloaded and installed WireShark Portable, and now I want to know: how do I use it? I just want to be able to see where the earlier mentioned program downloads the file from. Can anyone tell me how to do this, or point me in the right direction please?
     
  2. Super Mario

    Newcomer Super Mario Newbie

    Joined:
    Dec 14, 2009
    Messages:
    6
    Country:
    United States
  3. SifJar
    OP

    Is there no way to just monitor one program's internet access without monitoring the whole network?

    EDIT: And also without buying anything, and on Windows? I don't want to monitor the network, I just want to see the address to which the program connects to download from. If there is another program better suited than WireShark, can someone advise me of this?
     
  4. SifJar
    OP

    I ended up using Proximodo to monitor the program's downloads if anyone is interested, and it worked brilliantly.
     
  5. FAST6191

    Reporter FAST6191 Techromancer

    Joined:
    Nov 21, 2005
    Messages:
    21,697
    Country:
    United Kingdom
    Even simpler version: use a good firewall and turn it up to super paranoid mode. The popups generated usually contain all the necessary info.

    Even "simpler" version: use a hex editor, not foolproof but most web sites an app might access are usually encoded in the exe file in plain ASCII. Obviously compression, encryption, dynamic/generated links and the like will frustrate this. No need to go to unpacking apps though as the firewall/monitoring software works just as well.
     
  6. SifJar
    OP

    Proximodo was pretty simple once I figured out that it was what I needed, but I never thought of opening the exe in a hex editor... I'll remember that for the future.

    EDIT: opening the exe with a hex editor would have been easier, I tried it and found the address in seconds. Oh well, I'll know for again. Although I think Proximodo was simpler than setting up/configuring a firewall.
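
The hex-editor approach from FAST6191's post, automated as an added example that is not part of the original thread: it pulls readable strings out of a binary and keeps those that look like URLs or host names. It goes slightly beyond the plain-ASCII case in the post by also checking UTF-16LE strings, which Windows executables often use; the function names, the TLD list and the sample bytes are constructed for illustration.

```python
import re
import sys

MIN_LEN = 6  # shortest run worth reporting (assumption; tune to taste)
# Runs of printable ASCII, i.e. what a hex editor's text pane shows as readable.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
# The same characters stored as UTF-16LE, which Windows executables often use.
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)
URL = re.compile(r"(?:https?|ftp)://[^\s\"'<>]+", re.I)
# Bare host names; the TLD list is a small constructed sample, not exhaustive.
HOST = re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|info|co\.uk)\b", re.I)

# Constructed sample bytes standing in for an executable (not from a real program).
SAMPLE = (b"MZ\x90\x00" + b"\x00" * 8
          + b"http://updates.example.com/files/patch.zip\x00"
          + b"\xff\xfe\x01" + "cdn.example.net".encode("utf-16-le") + b"\x00\x00")


def extract_strings(data):
    """Yield (offset, text) for each ASCII and UTF-16LE string found in data."""
    for m in ASCII_RUN.finditer(data):
        yield m.start(), m.group().decode("ascii")
    for m in WIDE_RUN.finditer(data):
        yield m.start(), m.group().decode("utf-16-le")


def find_endpoints(data):
    """Return sorted (offset, value) pairs that look like URLs or host names."""
    hits = set()
    for offset, text in extract_strings(data):
        urls = URL.findall(text)
        # Only fall back to bare host names when the string holds no full URL.
        for value in urls or HOST.findall(text):
            hits.add((offset, value))
    return sorted(hits)


if __name__ == "__main__":
    # With a path argument, scan that file; otherwise scan the constructed sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for offset, value in find_endpoints(data):
        print(f"0x{offset:08x}  {value}")
```

An empty result does not mean the program makes no connections: as the post notes, compression, encryption and generated links hide addresses from this kind of scan, which is when a firewall or proxy log is the better source.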
     
