WEBVTT 00:00.090 --> 00:07.980 In this lecture, we are going to learn to write and apply the basic CAPTCHA filters. 00:07.980 --> 00:14.010 CAPTCHA filters are different from display filters in terms of syntax. 00:14.010 --> 00:23.790 A few filters are same for both display and CAPTCHA filters, but most of the CAPTCHA filters are completely 00:23.790 --> 00:26.370 different from display filters. 00:26.370 --> 00:28.110 So let's get started. 00:28.110 --> 00:34.440 Now, there are two places where you can write your CAPTCHA filters. 00:34.440 --> 00:36.900 One is the welcome window here. 00:36.900 --> 00:43.440 As you can see, we have the CAPTCHA filter box, which is saying enter a gap filter. 00:43.440 --> 00:49.950 Here, you can write your CAPTCHA filters and other is the CAPTCHA options a window. 00:49.950 --> 00:53.760 We will get back to capture options later in the video. 00:53.760 --> 01:03.390 Now, before writing the CAPTCHA filter, we have to select a network interface where you want to capture 01:03.390 --> 01:05.040 the packets from. 01:05.040 --> 01:09.960 Then the filter gets applied to the selected interface. 01:10.200 --> 01:15.570 So let me select, let's say wi fi now or type a capture filter. 01:16.050 --> 01:22.800 Now this filter will be applied to the selected interface wi fi or wireless card. 01:22.830 --> 01:24.840 Now let me select Ethernet. 01:24.840 --> 01:27.870 And now as you can see, filter has disappeared. 01:27.870 --> 01:33.120 So guys, you have to write separate filters for each interface. 01:33.120 --> 01:34.560 So back to the wi fi. 01:34.590 --> 01:43.920 Now, just like the display filter bar, the background color of capture filter bar also turns green 01:44.010 --> 01:47.040 when you type a valid filter. 01:47.100 --> 01:55.800 Right now, this filter is only going to capture or save the TCP traffic. 01:55.890 --> 01:59.370 It will not capture any other traffic. 01:59.370 --> 02:03.060 It will only capture the TCP traffic. 02:03.060 --> 02:05.040 So double click on wi fi. 02:05.430 --> 02:11.610 And under the protocol column, as you can see, we only have the TCP traffic. 02:11.640 --> 02:13.320 Now, let me stop the session. 02:13.560 --> 02:21.810 Like I mentioned earlier, another place to write the capture filters is the caption options windows. 02:21.810 --> 02:24.270 So go to the CAPTCHA options. 02:24.270 --> 02:30.660 And down here we have the box for writing CAPTCHA filters as you can see. 02:30.660 --> 02:40.500 And this is the last gap filter that I used or applied, and this is a better and recommended place 02:40.500 --> 02:46.650 to write the CAPTCHA filters because it offers you some additional features. 02:46.830 --> 02:54.030 Now click on the button, which is at the beginning of a CAPTCHA filter box, manage saved bookmark. 02:54.210 --> 02:59.910 These are some in-built CAPTCHA filters that you can use, right? 02:59.910 --> 03:05.130 These are most commonly used CAPTCHA filters from this list. 03:05.130 --> 03:09.900 You can select the filter that you want to use. 03:10.110 --> 03:12.990 Now let me select, let's say UDP. 03:13.020 --> 03:25.200 Now this filter is going to capture only the UDP traffic to start capturing packets from CAPTCHA options 03:25.260 --> 03:26.400 window here. 03:26.400 --> 03:33.930 Also, you have to select the network interface first, then type your filter, then click on start 03:34.020 --> 03:35.850 continue without saving. 03:36.850 --> 03:46.690 As you can see under the protocol column, it is only capturing the UDP traffic or protocols that use 03:46.690 --> 03:49.360 UDP for delivering packets. 03:49.630 --> 03:51.600 Now back to the CAPTCHA options. 03:51.610 --> 03:58.180 Now I want to capture both UDP and TCP traffic. 03:58.450 --> 04:09.630 So to combine multiple filters, we have to use our operator logical operators and or not, they are 04:09.670 --> 04:13.660 same for both display and capture filters. 04:13.840 --> 04:25.750 So UDP or TCP, this filter is going to capture both UDP and TCP packets right here. 04:25.750 --> 04:30.250 As you can see, we have both UDP and TCP traffic. 04:31.680 --> 04:40.200 In the same way, guys, you can combine as many filters as you like with or operator like let's say 04:40.200 --> 04:43.290 ah, or ICMP. 04:43.320 --> 04:46.320 LTC And let's use a note. 04:46.340 --> 04:54.810 Operator if I type not UDP and this filter will not capture the UDP traffic.