How to make traffic dump with Wireshark
ValdikSS edited this page 2024-07-23 07:21:11 +03:00
To dump network traffic with Wireshark on Windows, follow these steps:
- Download and install Wireshark. You need the full version; the portable one won't work.
- Determine the IP address of the blocked website with the `nslookup [site domain]` command. Run it in the command prompt.
- Choose the network interface in Wireshark and type a filter into the "…using this filter" field in this format: `host [IP address]`
- If the domain has more than one IP address, join them with the word "or": `host [IP address 1] or [IP address 2]`
- Press Enter to start the traffic capture.
- Go to the blocked website over HTTP and HTTPS.
- Stop the traffic capture using the button with the red square on the top panel. Choose File → Save As to save the data file.
- If asked to provide the file, send it to iam@valdikss.org.ru
Perform these steps twice: once with GoodbyeDPI and once without it.
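The `nslookup` output also lists the DNS server's own address, which must not end up in the capture filter. The following is an added example, not part of the original page or the GoodbyeDPI project: it extracts only the site's addresses from pasted `nslookup` output and builds the filter in the format given above. The function names and the sample output are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows nslookup output (documentation-range addresses).
SAMPLE_NSLOOKUP = """\
Server:  resolver.example
Address:  192.0.2.53

Non-authoritative answer:
Name:    blocked.example
Addresses:  2001:db8::10
          198.51.100.10
          198.51.100.11
"""


def site_addresses(nslookup_output):
    """Return the answer addresses, skipping the resolver's own Address line."""
    found, in_answer = [], False
    for line in nslookup_output.splitlines():
        text = line.strip()
        if text.lower().startswith("name:"):
            in_answer = True  # everything above this line is the DNS server block
            continue
        if not in_answer or not text:
            continue
        # Either "Address:"/"Addresses:" followed by a value, or a bare continuation line.
        if text.lower().startswith("address"):
            candidate = text.split(":", 1)[1].strip()
        else:
            candidate = text
        try:
            ip = str(ipaddress.ip_address(candidate))
        except ValueError:
            continue  # not an address, e.g. an "Aliases:" line
        if ip not in found:
            found.append(ip)
    return found


def capture_filter(addresses):
    """Build the 'host A or B' capture filter string used in the steps above."""
    if not addresses:
        raise ValueError("no site addresses found in nslookup output")
    return "host " + " or ".join(addresses)


if __name__ == "__main__":
    print(capture_filter(site_addresses(SAMPLE_NSLOOKUP)))
```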