Monitor/Track data sent over internet by an application

1

How do I monitor/track (and possibly save) the data that is sent over the internet by an application?

Example: I have an application "X", it sends some data over the internet, now I want to know what it sent and to whom (or which server). How to do this?

The required things would be: What is sent? To which IP:Port? To which Location/URL?

Also I would like to repeat the network request.

I tried TCPview, but it only tells about the IP:Port and nothing else. I also tried Wireshark, but it didn't help to get the results (or maybe I missed some options). If this is possible with Wireshark, it would be nice.


Update 1: I also tried Fiddler 2, which is awesome for sniffing HTTP traffic but not what I want to do.

I want to sniff traffic on an IP with port 2100 (amiganetfs). Someone said sniffing is possible with Wireshark, but HOW?


I want to do this with an application that seems malicious to me. Any response will be appreciated.

Akshat Mittal

Posted 2013-04-03T12:50:30.533

Reputation: 2 195

Answers

0

You need to have an understanding of the TCP/UDP and IP protocols to use packet sniffers like Wireshark; if you do, then it can tell you what it’s sending. Also have a look at Process Monitor at http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Ben Lavender

Posted 2013-04-03T12:50:30.533

Reputation: 550

How would that help me to sniff network data?? (talking about Process Monitor) – Akshat Mittal – 2013-04-03T12:57:34.810

Could you help me attain the task with Wireshark? – Akshat Mittal – 2013-04-03T13:12:55.260

All you really need to do is download Wireshark and run. You can filter data via IP, Data type, port and more. – Jeff F. – 2013-04-03T13:28:14.117

I have done that (of course). Now, I chose the adapter and started monitoring. I can see the new requests coming in, I have captured the requests (and also stopped it after enough logging) but how do I figure out the data? Let's say, I got a request of a PNG image (via Chrome), how do I save it without opening it in a new window? Also does it show the GET, POST, HEAD requests with parameters? – Akshat Mittal – 2013-04-03T13:36:40.027

maybe this video helps you a bit

– jao – 2013-04-03T14:28:59.150

That video is just too basic, I know all that. The thing is that on port 2100, I am unable to view the traffic. Fiddler has all the things I want but doesn't work with custom ports. Wireshark shows the requests, but I am unable to read them. – Akshat Mittal – 2013-04-03T16:36:10.093
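
Reading what was sent on port 2100 out of a saved capture, as an added example that is not part of the original thread: the parser below walks a capture file, keeps only TCP segments to or from the chosen port, and returns source, destination and raw payload bytes for each. It assumes the capture was saved in classic pcap format (not pcapng) with Ethernet framing and IPv4; the addresses and payloads in `sample_pcap` are constructed.

```python
import socket
import struct

def parse_pcap(data, port=2100):
    """Return (src, dst, payload) for each TCP segment to or from `port`."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        e = "<"                                   # little-endian capture
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        e = ">"                                   # big-endian capture
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(e + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    out, off = [], 24                             # records follow the 24-byte header
    while off + 16 <= len(data):
        incl = struct.unpack(e + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl]
        off += 16 + incl
        # Keep IPv4 (ethertype 0x0800) carrying TCP (protocol 6) only.
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        tcp = ip[ihl:struct.unpack("!H", ip[2:4])[0]]   # trims Ethernet padding
        if len(tcp) < 20:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        payload = tcp[(tcp[12] >> 4) * 4:]        # skip TCP header and options
        if port in (sport, dport) and payload:    # handshake/ACK-only segments are empty
            out.append((f"{socket.inet_ntoa(ip[12:16])}:{sport}",
                        f"{socket.inet_ntoa(ip[16:20])}:{dport}", payload))
    return out

def _frame(src, dst, sport, dport, payload):
    """Build one Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: one segment to port 2100, one unrelated HTTP request."""
    frames = [_frame("192.0.2.10", "198.51.100.7", 49152, 2100, b"HELLO id=1234"),
              _frame("192.0.2.10", "198.51.100.9", 49153, 80, b"GET / HTTP/1.1\r\n\r\n")]
    body = b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
    return struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + body

if __name__ == "__main__":
    for src, dst, payload in parse_pcap(sample_pcap()):
        print(src, "->", dst, payload)
```

To run it on a real capture, pass the file's bytes to `parse_pcap`. Segments come back in capture order and are not reassembled into a stream, so a message split across several segments appears as several payloads.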