Using wireshark to confirm app is using proxy server?

[fabes253]

Hi,

I am 1 day new to Wireshark, so I need patient help. I already watched a ton of tutorials about it so I am familiar with interface and general usage though the information it spits out is alien to me.

I am running two apps, through a btguard proxy and I want to verify they are using the proxy ip instead of my own.

Could anyone help me with this on how exactly to confirm the proxy settings are working? Thanks.

 

[bill001g]

Run it with the proxy on and the proxy off and look for differences. The key thing you should not see is traffic going directly to the ip of location the apps are using when the proxy is on. You should instead see traffic going to the proxy...although if it is not encyrpted you can see the ips inside the packets.

 

[fabes253]

I guess what im looking for how to create a filter or capture to monitor just the program, is there a way to do this with wireshark or any other monitoring tool?

 

[bill001g]

The concept of programs,processes etc are a operating system concept not networking. The best you could hope for is port numbers that a are unique to a particular program that you filter on. If the ports are not unique then there is no way to tie it to software from a trace.

just watching a single machine you should not have so much data that you can not just manually look though the trace.