How to filter Wireshark to see only DNS queries that are sent/received from/by my computer?

14 votes, 3 favorites

I am new to Wireshark and trying to write simple queries. To see the DNS queries that are only sent from my computer or received by my computer, I tried the following:

dns and ip.addr==159.25.78.7

where 159.25.78.7 is my IP address. It looks like I did it when I look at the filter results, but I wanted to be sure about that. Does that filter really do what I am trying to find out? I doubted a little bit because in the filter results I also see only 1 other result whose protocol is ICMP and its info says “Destination unreachable (Port unreachable)”.

Can anyone help me with this?

Thanks

dns wireshark packet-capture

asked Nov 27 ’13 at 19:02

yrazlik


  • Try: dns and ip.addr==127.0.0.1
    –  alfasin
    Nov 27 ’13 at 19:22

  • @alfasin why do I use localhost instead of my IP address? Is my filter wrong?
    –  yrazlik
    Nov 27 ’13 at 19:24

  • @alfasin when I try that filter nothing is listed
    –  yrazlik
    Nov 27 ’13 at 19:25

  • The title of your question is misleading… you already know how to filter, your problem is with the unreachable destination. This might help: wildpackets.com/resources/compendium/tcp_ip/unreachable
    –  alfasin
    Nov 27 ’13 at 19:38


3 Answers


7 votes, accepted

I would go through the packet capture and see if there are any records that I know I should be seeing to validate that the filter is working properly and to assuage any doubts.

That said, please try the following filter and see if you’re getting the entries that you think you should be getting:

(dns and ip.dst==159.25.78.7) or (dns and ip.src==159.25.78.7)

answered Nov 27 ’13 at 19:24

carloandaya


  • Thanks, it looks like your filter and mine are the same because ip.addr refers to both source and destination
    –  yrazlik
    Nov 27 ’13 at 19:26


5 votes

Rather than using a DisplayFilter you could use a very simple CaptureFilter like

port 53

See the “Capture only DNS (port 53) traffic” example on the CaptureFilters wiki.

answered Nov 27 ’13 at 19:58

Ioan Alexandru Cucu



0 votes

Use this filter:

(dns.flags.response == 0) and (ip.src == 159.25.78.7)

What this query does is give only the DNS queries that originated from your IP.

edited Dec 15 ’15 at 5:36

Serjik

answered Dec 15 ’15 at 4:46

itzkmv
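
Added example, not part of any answer on this page: stdlib-only Python that applies the tests behind the filters in this thread (local address, DNS over port 53, the query/response bit) to constructed packets. It also shows why the ICMP "Port unreachable" packet from the question matches `dns`: an ICMP error quotes the datagram that triggered it, and Wireshark dissects that quoted DNS payload. The resolver address, the port numbers and all helper names are assumptions made for the example.

```python
import socket
import struct

LOCAL_IP = "159.25.78.7"   # the asker's address, taken from the question
RESOLVER = "192.0.2.53"    # constructed resolver address (TEST-NET-1)

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte header; checksum left at 0 because nothing here verifies it.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto,
                       0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def dns_message(is_response):
    flags = 0x8180 if is_response else 0x0100   # top bit is QR: 0 = query, 1 = response
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    return struct.pack("!HHHHHH", 0x1234, flags, 1, 0, 0, 0) + question

def parse(pkt):
    # Returns (src, dst, protocol, layer-4 bytes) of an IPv4 packet.
    ihl = (pkt[0] & 0x0F) * 4
    return socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20]), pkt[9], pkt[ihl:]

def dns_qr(l4):
    # QR bit of a UDP datagram on port 53, or None when it is not DNS over UDP.
    if len(l4) < 20 or 53 not in struct.unpack("!HH", l4[:4]):
        return None
    return struct.unpack("!H", l4[10:12])[0] >> 15

def classify(pkt, local=LOCAL_IP):
    src, dst, proto, l4 = parse(pkt)
    if local not in (src, dst):                     # the ip.addr == LOCAL_IP test
        return "not-mine"
    if proto == 17 and (qr := dns_qr(l4)) is not None:
        # "dns-query-out" is what (dns.flags.response == 0) and (ip.src == ...) keeps
        return f"dns-{'response' if qr else 'query'}-{'out' if src == local else 'in'}"
    if proto == 1 and l4[:2] == b"\x03\x03" and len(l4) >= 28:   # ICMP type 3, code 3
        _, _, qproto, ql4 = parse(l4[8:])           # the quoted original datagram
        if qproto == 17 and dns_qr(ql4) is not None:
            return "icmp-port-unreachable-quoting-dns"
    return "other"

# Constructed packets: a query, its reply, and the host rejecting a late reply.
query = ipv4(LOCAL_IP, RESOLVER, 17, udp(50000, 53, dns_message(False)))
reply = ipv4(RESOLVER, LOCAL_IP, 17, udp(53, 50000, dns_message(True)))
rejected = ipv4(LOCAL_IP, RESOLVER, 1, b"\x03\x03" + bytes(6) + reply)

if __name__ == "__main__":
    print([classify(p) for p in (query, reply, rejected)])
```

A stack that quotes only the IP header plus 8 bytes in its ICMP errors leaves no DNS header to inspect, and `classify` then reports such a packet as "other".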

