How to Use Wireshark

If you always have to diagnose various network issues, whether at home or at the office, youshould consider tracing each network packet individually. To do so, your best option is to start with Wireshark.

Find out how to use Wireshark and how it can help you diagnose some common network issues.

How to Use Wireshark

To properly use Wireshark, you need to have Npcap installed on your system. Npcap will allow Wireshark to monitor package contents and data in real-time. If you don’t have Npcap, Wireshark will only be able to open saved capture files. By default, your Wireshark installation will also install Npcap on your device.

To learn more and get the latest version of Npcap, follow this link.

Once you’ve successfully installed Wireshark, opening it will bring you to its GUI. Themain window will contain the most critical information available to you, such as:

  1. The menu on the top row. The menu is used to start all actions on Wireshark.
  2. The main toolbar is below the menu. It contains frequently used actions so you have easy access to them without having to navigate multiple menus to find them.
  3. The filter toolbar allows you to display filters to choose from. Filters will make it easier to find the correct packets to trace.
  4. The packet list pane is the primary data source. It contains a list of all packets going through your network. Selecting an item from this list will change what you can see in the following sections.
  5. The packet details pane will provide more information on the selected packet.
  6. The packet bytes pane will list data on a byte-by-byte basis, highlighting the packet you selected for further observation.
  7. Finally, the status bar on the bottom gives you general information on the program’s current status and captured data.

Wireshark can capture live information from your current network. To start capturing, you need to select the correct interface to start capturing from. Wireshark will provide you with all the interfaces detected when you start it up but make sure you choose the correct one.

If you want to see all the packets on the network rather than just those addressed to you,make sure you have checked Promiscuous mode on. The checkbox can be found in the Capture > Options menu on the top bar.

If you want to stop capturing live traffic, press the red button on the toolbar.

Once you have a list of packets at your disposal, Wireshark color-codes them so you can browsethem easier. You can change the options for how the color-coding works in the View > Coloring Rules menu in the top menu bar. Generally speaking, packetsthat are color-coded black are those that have an error.

You can save the packet list by pressing the Save button (located in the File menu). You canuse this to diagnose the problem on the packets at a later date.

If you’re looking for specific packets, filtering is the best way to find them. Typing inthe filter bar is a great first choice. For example, typing “dns” will only show you DNS packets. Wireshark will suggest text to autocomplete your inputwith the most frequent filtering options.

You can also Filter by right-clicking on any part of the information in the packet detailspane and then selecting the “Apply as Filter” option. This is useful if you want to track packets from the same source.

If you want to learn more about using Wireshark, you can use the User Manual.

How to Use Wireshark to Get the IP

If you want to find out the IP of a host on your network, you can use the details of the DHCPto find the host you’re looking for:

  1. Start Promiscuous Mode on Wireshark.
  2. In the filter toolbar, type in “dhcp” or “bootp,” depending on your Wireshark version.
  3. Select one of the packets filtered out. The packet needs to show “DHCP request” in its Info part.
  4. Go to the packet details pane.
  5. Expand the “Bootstrap Protocol” line.
  6. In there, you’ll see the identifier for the device that sent the request.

Most devices will use DHCP to get an IP address as soon as they power up. Make sure you haveWireshark running before the device with an unknown IP/MAC is powered up, so you can capture its DHCP request.

How to Use Wireshark to Get IP Address on a PS4

If you want to get the IP address of your PS4, treat it as a device with no IP at startup:

  1. Prepare a listening device. This can be a PC with Wireshark installed.
  2. Make sure the listening device has Promiscuous Mode enabled on its Wireshark.
  3. Turn your PS4 on.
  4. Look for the DHCP request from your PS4 on the listening device.
  5. The DHCP request should correspond with your PS4.
  6. Look for the information from the sender in the details packet pane.
  7. You will be able to note down your PS4’s name, MAC, and IP address.

If your PS4 is already turned on, or you’re looking for someone else’s IP, try the following:

  1. Have Wireshark open and listening to your network. If you’re using a listening device, make surePromiscuous Mode is on.
  2. Use an internet hub to connect your listening device and PS4 to the internet, or connect PS4 to theinternet via the listening device (for example, by making the listening device into a Wifi host).
  3. Locate your PS4’s IP address.
  4. Join a party with the person for whom you want to find the IP.
  5. Track Wireshark packets for your PS4. The incoming packets will provide their IP address as the senderaddress.

Unfortunately, most incoming IP addresses are masked by the service provider and protocol, soyou won’t be able to get someone else’s precise IP address.

Games that use a peer-to-peer connection will often have all players communicate with oneanother (in the background), allowing Wireshark to get other players’ IP addresses. Various service providers often thwart this, so don’t get your hopesup. The most you’ll be able to get is an approximate location and the service provider’s name.

How to Use Wireshark to Get IP Address on an XBOX

To get the IP address of your XBOX, you can repeat the same steps as you would for anyunknown device:

  1. Get a listening device, such as a PC loaded with Wireshark.
  2. Make sure the listening device’s Wireshark has Promiscuous Mode enabled.
  3. Turn your XBOX on.
  4. Look for the DHCP request from your XBOX on the listening device.
  5. The DHCP request should correspond with your XBOX.
  6. Look for the information from the sender in the details packet pane.
  7. You will be able to note down your XBOX’s name, MAC, and IP address.

If you’re looking for someone else’s IP, try the following:

  1. Have Wireshark open and listening to your network. If you’re using a listening device, make surePromiscuous Mode is on.
  2. Use an internet hub to connect your listening device and XBOX to the internet, or connect your XBOX tothe internet via the listening device (for example, by making the listening device into a Wifi host).
  3. Locate your XBOX’s IP address.
  4. Join a party with the person for whom you want to find the IP.
  5. Track Wireshark packets for your XBOX. The incoming packets will provide their IP address as the senderaddress.

This method should work for peer-to-peer networks and games, or if all of you are using alocal network. Various service providers should be actively thwarting this, however.

Usually, the most information you can get is other people’s service providers and their generallocation (within a few hundred miles).

How to Use Wireshark on Discord

While Wireshark can help you with connectivity issues on your Discord, you can’t useit to get other people’s IP addresses. Discord uses an IP resolver to mask incoming IP addresses, so you can’t pinpoint them to users.

How to Use Wireshark on Omegle

The simple answer is that you can’t really get someone’s IP address from Omegle. If youuse Wireshark to listen to any packets coming from other users, all you will get is their approximate location if you run the IP through a thoroughlocation-based search.

Due to how service providers mask data, it’s impractical, not to mention illegal, to tryand find out someone’s exact IP.

How to Use Wireshark to Capture Network Traffic

As previously noted, if you want to capture network traffic for every device on your network,you need to make sure you have enabled Promiscuous Mode on the listening device.

How to Use Wireshark on Windows

If you want to install Wireshark on your Windows machine, look for the appropriate version to download. Make sure you have selected the Windows version of the download file. From there on, follow the prompts of the installer to install and start Wireshark on your device. Once done, you can easily start diagnosing your connections.

How to Use Wireshark on Mac

To download Wireshark for a Mac device, follow this link. Once downloaded, install Wireshark by following the prompts. Once done, you can start Wireshark and fix your connection issues.

Wade Through the Internet Waters with Wireshark

You can use Wireshark to find your IP address or locate any problems with your internet connection. Sometimes having your problems diagnosed is the hardest part. With Wireshark, tracing your network is simple and easy.

Do you use Wireshark for your work? Have you had any success with it? Let us know in thecomment section below.

Leave a Reply

Your email address will not be published. Required fields are marked *


Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos