Quick Start Guide
Wireshark Quickstart Guide
7
Chapter 2: Using Wireshark
I) Two ways to capture some packets:
i) A Simple capture
You are now ready to capture packets coming to and from your
machine. Begin the capture process by selecting the “Capture”
menu and then clicking “Start”.
Wireshark will immediately begin capturing data from the
network adapter you selected earlier, or give an error message
that no adapter is selected if you didn’t perform the pre-
configuration.
You can stop the capture by selecting “stop” from the capture
menu.
ii) Selecting “Capture Options” before
Capturing
Many people prefer to take an extra step before beginning the
capture which lets a number of features be configured. Click the
“Capture” menu then select “Options”. You should see a dialog
as in Figure 4. A number of options are available in this dialog.
Some, such as “capture filter”, are for more advanced use.
However, a number of options are available which are very
useful even during basic captures. A number of these items are
highlighted in Figure 4, including:
1) Update list of packets in real time: This tells Wireshark to
displays packets as they captured rather than waiting until
the capture is stopped (default is on).
2) Automatic scrolling in live capture: If the previous item is
selected, this tells Wireshark to scroll the packets so that
you are viewing the most recent (default is on).