How to Capture Packets in Windows?

This topic describes how to capture and analyze packets using Ethereal in Windows
1.         Run Ethereal and perform the following to enter the Capture Option window:

?       Click Start a New Live Capture on the left side of the toolbar, as shown in the field marked in red.

?       Alternatively, choose Capture > Start from the main menu, as shown below.

2.         In the Capture Filter area of the Ethereal: Capture Options window, set the packet filtering criteria. For example, enter the host IP address and udp in the Capture Filter area and click OK to start capturing packets.

3.         Perform the following operations in the NMS.

4.         Click Stop to stop packet capturing.

Information of the captured packets is shown below.

5.         You can click Expression to access the Ethereal: Filter Expression window, and then set other filtering criteria.
