![]() ![]() ![]() HTTP requests and responses contain a lot of things, like URI of the HTTP request, the server name. ![]() Simply following “File → Export objects → HTTP…” already reveals a lot of details. As a first step I made Wireshark to save all HTTP objects from the capture file. Analyzing packet captures with WiresharkĪs it turned out all connection were plain HTTP. If you are interested in, I mounted a remote server’s storage via sshfs on OpenWRT to circumvent the small storage the router has. Albeit I noticed that not all IP address from the list had packets in the pcap. Or host 42.120.158.121 or host 106.11.186.5 or host 106.11.248.98)Īfter more than a week I had enough traffic captured to analyze it with Wireshark. tcpdump -peni any -s 0 -w /path/to/storage/capture.pcap tcp \ Therefore I executed a tcpdump command to save any future traffic matching any IP address from the list I specified.įor your reference, I used this command to capture packets. I was expecting if there is something what phones home to China, it may try again. Packet captures should take place on the router device. Creating packet captures from network traffic The biggest pain point here is for performance and capacity reasons my setup did not collect network packets themselves but only metadata.Īt this point I was only aware of the connections but did not have visibility about their actual content. (I also made some traffic to China from another host during troubleshooting, therefore I excluded that host from the report.) Traffic were initiated by two different Android phones in our household.Even the one which addressed port TCP 443. All traffic took place over plain HTTP which are not encrypted.So as the number of occasions and size of transferred data of the connections. I have a list of IP addresses of servers which are located in China.The starting point for my experiments is getting network details from my network monitoring system to get some insights about traffic. Analyzing packet captures with Wireshark. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |