
Wireshark save


ghost

The other day I was on a local machine at the network I seem to talk so much about, and I captured some network packets using Wireshark, and there were plenty of active computers. I have many MAC addresses and IPs, including the MAC and IP of a Cisco device. I have never used Wireshark before, and there are color-coded outcomes. Some are red, some are green, purple, and some are plain old white. I am assuming the red must mean something important or unsecured. That's most likely all I need to know. And with the MAC address of a Cisco firewall, what could I accomplish? Full annihilation locally?


ghost

Here is one thing you can do with Wireshark: http://samsclass.info/123/proj2/p03_StealingPasswordsWithWireshark_ch3-10.doc

For more, use Google; there's lots of information about Wireshark and its usages. Also look into ettercap for Linux, or Cain and Abel for Windows. These simplify man-in-the-middle attacks, which work really well to capture valuable data sent between a computer and a router (then out to the web).

Edit: the colors mean different types of packets captured. For further info, go here: http://www.wireshark.org/docs/wsug_html_chunked/ChCustColorizationSection.html


ghost

Oh yes, I am familiar with MITM attacks. Actually, I think the method is brilliant. I feel dumbed (not a word) by the fact that I didn't know Wireshark could perform MITM attacks. I am used to using ettercap, which, for those of you who don't use it, I highly recommend. Well, thanks, I am reading that .doc right now. Appreciate it.