virtualbox.org

Good afternoon,

I have virtualbox 5 on windows 10 operation system.

Guest operation systems are windows and linux

I want to capture and analyse the guest os network traffic for some study issues.
Which network mode to choose for the network setting? host only? nat? bridge?

and on windows, how to capture the traffic then according to the selected network interface settings?
can this be handle with wireshark?

thanks in advance

can this be handle with wireshark?

Yes.

Network mode only matters to what you want to do with your tests. We have no idea about that, only you would.

indeed, only I know

I want to check whether guest operation system or any software of it is establishing secret connections.

for sure i can install wireshark on guest os.
but i guess it is more safe to listen on the host.

Wireshark can do what you want on either the host or the guest, but it depends on your knowledge of wireshark, something we do not deal with here. I can say that if you are investigating an ET phone home event, you might want it on the guest for convenience, but it would still work on the host if properly setup.