Ethereal Filtering Details for viewing http for a specific host address

• First Step is to install ethereal, on macosx I found :sudo port install ethereal" to be the simplest.
• After its installed make sure you run it as root so that you can access the network interfaces. "sudo /opt/local/bin/ethereal"
  
• Setup your interface and filter: on my macbook pro the wireless interface was en1.
• Below you will see the capture filter which is: "host 192.168.103.148" This ip address is the machine I have running cosmo and scooby.
  
• This directive just tells ethereal to only capture packets to and from that specific address.
• For the aiport extreme I read that to reliably capture packets you must turn off promiscuous mode
• I recommend not auto scrolling in live capture because it can be very irritating when you are trying to read a packets details and it keeps automatically switching to a new packet without asking.
  

• After you have started this capture you will notice that there is a lot of traffic there not specific to what you want and this is because you haven't filtered out just the http traffic which can be done by inserting http into the filter bar and clicking apply.