Installing Wireshark on server to capture web service SOAP request and response

Question

I am new to using Wireshark. Can I install Wireshark on server which is hosting Web Service to capture incoming requests and out going responses?

Example end point URL of my Web Service: http://MyIP:9086/WebService

For example my web service is using 9086 port. If I start capturing traffic on 9086, will it give me all request and response (SOAP messages)?

I have installed Wireshark on local laptop and can packets when SOAP UI send request to Web Service. But I want to install it on server and want to capture from that end. Is that feasible?

score 0 · Answer 1 · answered Jun 09 '16 at 09:24

If the server is a linux box, you can use tcpdump, and tell it dump the traffic into a pcap file. This pcap file you can transfer to a local machine and load into wireshark.

From https://www.wireshark.org/docs/wsug_html_chunked/AppToolstcpdump.html
D.3. tcpdump: Capturing with tcpdump for viewing with Wireshark

It’s often more useful to capture packets using tcpdump rather than wireshark. For example, you might want to do a remote capture and either don’t have GUI access or don’t have Wireshark installed on the remote machine.

Older versions of tcpdump truncate packets to 68 or 96 bytes. If this is the case, use -s to capture full-sized packets:

$ tcpdump -i <interface> -s 65535 -w <some-file>

You will have to specify the correct interface and the name of a file to save into. In addition, you will have to terminate the capture with ^C when you believe you have captured enough packets.

I have requirement to share Wireshark packets. I can't use it for this purpose on the server? — Tahir, Jun 09 '16 at 09:52
The pcap file you can share after you have performed the grabbing of the traffic. It is a regular file — Stian Skjelstad, Jun 09 '16 at 09:53

Installing Wireshark on server to capture web service SOAP request and response

1 Answers1