You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Download WireShark (64bit version) from https://www.wireshark.org/download.html.
 
Install it on the DualShield server (follow its user guide).
 
Run it as Administrator
 

 
Use the capture filter "tcp port 389", as we only care about the LDAP traffic on port 389.

Press "Enter" key to start the capture.
 
Alternatively, You can add the filter into template with  Capture | Capture Filters...

 
Click + button to add a new one

 
(double click the fields to change their values)
 
You can see the current options, Capture | Options...
 
 

If everything is set correctly, click "Start" button to start the capture.
 
You should see live LDAP traffic captured in Wireshark.
 

 
To stop the capture, click the stop button on the toolbar: 

 

or select from the menu:

 
Finally, you can save the capture into a file.