Grep domain names visited by a particular IP

Posted on by 
tshark -i any -Y 'dns.qry.name && ip.src == 192.168.2.102' -T fields -e dns.qry.name

Comments are closed.