Won't this miss the DNS queries, for example? Frank _____
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Chaulklin Sent: Monday, February 11, 2008 8:03 AM To: wireshark-users@wireshark.org Subject: Re: [Wireshark-users] How to let wireshark capture one application packets Sorry - this is an extremely convoluted way around this issue of how to let Wireshark capture just one application's packets. If you have 2 PCs available you can run Wireshark on PC1 with Firefox or any other WININET-based browser. On PC2 you will install Fiddler2 (http://www.fiddler2.com/fiddler2/), a free, but Microsoft copyrighted program. You will have to adjust the Internet connection settings on Firefox: TOOLS-OPTIONS-ADVANCED-NETWORK-SETTINGS-MANUAL PROXY CONFIGURATION. Your configuration will contain the IP address of PC2 for HTTP and SSL requests and port 8888 for both. What you will end up with is PC1 sending stuff over port 8888 (Fiddler's default) or whatever port you want. PC2 will intercept this traffic and send it on using the correct ports. If you just want the upper layers of information, then this issue becomes a lot simpler. You can dispense with Wireshark and PC2 and just use Fiddler2's capture. It can give you clear text even if your session is SSL/TLS. Gary _____ Looking for last minute shopping deals? Find <http://us.rd.yahoo.com/evt=51734/*http://tools.search.yahoo.com/newsearch/c ategory.php?category=shopping> them fast with Yahoo! Search.
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
