Could anyone please tell how NBNS packets are getting generated in Wireshark once we start the live capturing for a particular interface. My objective is to get the hostname of the different machines through PCAP passively. I wanted to know how the packet is getting generated in Wireshark.
How NBNS packet is getting captured in Wireshark
1.5k Views Asked by amt1906 At
2
There are 2 best solutions below
0
On
I happened to find a method for generating the NBNS traffic. By default, the NetBIOS feature is already enabled in all windows machines. An NBNS packet is captured in Wireshark when any windows machines get connected to a particular interface (eg: WiFi) after the sniffing for that particular interface starts.A broadcast NBNS packet will be sent across all machines connected to the network. Through this NBNS packet, you can get the MAC address and mainly the hostname/device name of that particular IP.
PS: Wireshark won't be able to generate NBNS packets for devices that are already connected prior to the sniffing.
You can control it easily.
Click on “Edit”
Click on “Preferences”
You can enable/disable Name Resolution options as per your requirement.