Revision history [back]

There are at least 3 potential solutions.

1. Any protocol can be disabled via Analyze -> Enabled Protocols. Scroll down or search for Gryphon then deselect it to disable it.
2. Manually edit the disabled_protos file located in your Personal configuration directory, assuming you are working with the Default profile. You can find the directory via Help -> About Wireshark -> Folders. Simply add gryphon as an entry in the file. If the file doesn't exist, you can manually create it. This solution is basically the same as the first one though, except you're editing the file manually instead of letting Wireshark do it, so option 1 is probably safer to do than this one, should be your method of choice.
3. Since the Gryphon dissector is a plugin, you could remove the gryphon.dll file from the Global Plugins directory and restart Wireshark. You may need administrator rights to do this though. Locate the Global Plugins directory via Help -> About Wireshark -> Folders, and you should find the gryphon.dll file in the epan/ subdirectory.

Personally, I'd recommend using option 1.

NOTE: When you disable a protocol, it's only disabled for a particular profile, and if you haven't created a new profile, it'll be the Default profile. So, if you want to leave the Default profile alone, you can create a new "Vendor App" profile using Edit -> Configuration Profiles..., and then only disable the Gryphon dissector in that profile. That way, you can leave it enabled in other profiles that aren't applicable when you're not analyzing that vendor's application traffic.

There are at least 3 potential solutions.

1. Any protocol can be disabled via Analyze -> Enabled Protocols. Scroll down or search for Gryphon then deselect it to disable it.
2. Manually edit the disabled_protos file located in your Personal configuration directory, assuming you are working with the Default profile. You can find the directory via Help -> About Wireshark -> Folders. Simply add gryphon as an entry in the file. If the file doesn't exist, you can manually create it. This solution is basically the same as the first one though, except you're editing the file manually instead of letting Wireshark do it, so option 1 is probably safer to do than this one, should it be your method of choice.
3. Since the Gryphon dissector is a plugin, you could remove the gryphon.dll file from the Global Plugins directory and restart Wireshark. You may need administrator rights to do this though. Locate the Global Plugins directory via Help -> About Wireshark -> Folders, and you should find the gryphon.dll file in the epan/ subdirectory.

Personally, I'd recommend using option 1.

NOTE: When you disable a protocol, it's only disabled for a particular profile, and if you haven't created a new profile, it'll be the Default profile. So, if you want to leave the Default profile alone, you can create a new "Vendor App" profile using Edit -> Configuration Profiles..., and then only disable the Gryphon dissector in that profile. That way, you can leave it enabled in other profiles that aren't applicable when you're not analyzing that vendor's application traffic.