To configure a monitoring (sniffer) interface on Wireshark, observe the following instructions:
- Click on Capture | Options to display all network interfaces on the local machine:
- Select the appropriate network interface, select Enable promiscuous mode on all interfaces, and then click Start to begin capturing network packets:
- The Packet List pane will begin to populate network packets as transactions take place on the network. Clicking on a packet will display all its details and fields within the following Packet Details pane:
As packets are being populated on the interface, the experience may be a bit overwhelming. In the following sub-sections, we will take a practical approach in performing HTTP analysis and other types of analysis to ascertain some important information.
Having completed this section, you are now able to use Wireshark as a sniffer on a network. In the next section, we will demonstrate how to perform traffic analysis in order to gather sensitive information using Wireshark.