开发者

Is there a packet sniffer that can be limited to one single program?

开发者 https://www.devze.com 2023-02-05 23:51 出处:网络
I\'ve been using Wireshark for a while now to analyze a few programs. Is there a way that I can limit Wireshark to sniff only one program开发者_JS百科? Or is there another program that does something

I've been using Wireshark for a while now to analyze a few programs. Is there a way that I can limit Wireshark to sniff only one program开发者_JS百科? Or is there another program that does something like this?


tracedump is an open source packet sniffer available for Linux, which can do exactly what was asked in the original question; it's free.


Using Wireshark you can filter by destination port number or IP address. For example, Mail clients usually use ports 25 and 110 for sending and receiving emails.


If you are sniffing a web application, you should try to use HttpFox, which is a Firefox plugin. It only show net traffic from the current website.


Are you looking for Windows or mac...?

If Windows then the answer is yes.You can use Microsoft Network Monitoring tool..

But for mac i did not find any useful tool yet...am still searching...

In mac OS X you can use the following command and that will give you the list of ports used by the application.

    lsof -i |grep firefox|grep Established|awk -F "[ :]*" '{print $10}' |cut -c 1-5 >>/Users/..../Desktop/name.txt

Use these ports to filter the wireshark pcap...

Done...!

0

精彩评论

暂无评论...
验证码 换一张
取 消