![]() ![]() Expand the lines for Client Identifier and Host Name as indicated in Figure 3.įigure 3: Finding the MAC address and hostname in a DHCP request This cap is from a Windows host using an internal IP address at. Go to the frame details section and expand the line for Bootstrap Protocol (Request) as shown in Figure 2. Select one of the frames that shows DHCP Request in the info column. Note : With Wireshark 3.0, you must use the search term DHCP instead of boot. Open the cap in Wireshark and filter on boot pas shown in Figure 1. If you have access to full packet capture of your network traffic, a cap retrieved on an internal IP address should reveal an associated MAC address and hostname.ĭHCP traffic can help identify hosts for almost any type of computer connected to your network. In most cases, alerts for suspicious activity are based on IP addresses. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |