I'm new to wireshark and have just started to learn it, but I'm having problems monitoring my network.
In my network there are three stationary computers, the one I have wireshark on is the only linux (ubuntu) one I have. (The other ones are windows.) Well to get to my problem..
192.168.1.6-----------|
Hub-----|
192.168.1.4-----------| |
Router (Switch?) 192.168.1.1?
192.168.1.2---------------------|
Well, when I run wireshark on my own computer (192.168.1.6) or the one connected too the same hub it works flawless. But when I'm trying to sniff 192.168.1.2 or 192.168.1.1 (which is the router, right?) I hardly get anything. When I'm sniffing 192.168.1.1 I get a few random pakates and when I'm sniffing 192.168.1.2 I don't get anything.
I would be glad for any help I could get, thanks in advance, kenta.
Oh, and one other thing. I'm been playing around sending messages over msnms from one of my computer to another, I was happily surprised to find out that you actually could find/sniff the messages with wireshark.
Mail on the other hand is much harder, I now they go through port 25, but it seems like finding what they contains is hard to find out, encryption?
But if they are encrypted, shouldn't I be able to sniff the key as well? Because the computer must have some way to know how to encrypt it, and then shouldn't the key have trawled through the hub, switch or network card?
Well I think you get my point, I appreciate any help, especially if you could answerer why I can't sniff the whole network.
Skaffa nya Windows Live Messenger!
Prova på!