USBPcap
USBPcap has been there from a long time with Linux and Mac users, but for Windows, this is the first time that users will be able to sniff the activity over USB interfaces. So, let's quickly walk through this latest feature and try to understand how to work with it with the help of an example. Follow the given steps to replicate the scenario:
- After the successful installation of Wireshark on your Windows machine, it is highly recommended that you restart your machine because USBPcap might give you some trouble.
- After your PC has restarted, open Command Prompt and change your current directory to the USBpcap installation directory that should be located at
C:\Program Files\USBPcap\. - Now, perform a directory listing using the
dircommand to check whetherUSBPcapCMD.exeis present in the directory. Refer to the following screenshot that represents this step:
Figure 9.23: The USBPcap installation directory
- Type
USBPcapCMD.exein the Command Prompt to launch the sniffing application...
