In order to monitor http traffic, we will need a packet sniffer (or a protocol analyzer) software. Here is a detail process how we can monitor http traffic in LAN with Colasoft Packet Sniffer – Capsa.
Again let’s launch Colasoft Packet Sniffer and start a new project. Don’t forget one thing, we have to deploy the packet sniffer to the mirror port of the core switch in order to monitor all http traffic in LAN, if not, we can only monitor http traffic of our own computer.
Then let’s start browsing a website, for example, www.colasoft.com, to generate some http traffic. Now let’s get back to the packet sniffer and see if there is http traffic. OK, we can see the packet sniffer has already captured some http traffic in the “Protocols” Tab
We can see both the aggregated http traffic since start capturing and the real-time http traffic in this tab.
If we want to do a deeper analysis on http traffic, we will need to use the “Locate” function to locate http protocol in the Explorer to let the packet sniffer display only the data that is http protocol. Right click on the protocol and select “Locate Explorer Node” in the pop-up menu.
If we want to know who are using http protocol and what they are actually browsing, we are going to use two tabs, the “Endpoints” Tab and “Logs” Tab.
Let’s see who are using http protocol:
And what they are actually browsing:
No comments:
Post a Comment