Transaction Time How many bytes are in the HTTP message

asked 2019-07-18 15:20:28 +0000

updated 2019-07-18 15:21:53 +0000

grahamb gravatar image

Hi can someone explain how to find how many bytes are in the HTTP message, what the HTTP Transaction time is ?

Where can i find in wireshark to determine how many bytes are in the TCP header, How many bytes are in the IP header?

edit retag flag offensive close merge delete


These look like homework questions. What have you tried?

grahamb gravatar imagegrahamb ( 2019-07-18 15:22:18 +0000 )edit

So ive tried clicking on a package to see how many bytes are for each of these but I dont think i have enough experience in finding it in the right sections of Wireshark. I have clicked on each section ie; the Frame section, Internet protocol . I am just unsure where to look to help answer these questions or how to go about it . Any suggestions or advice ?

WireSharkBoy gravatar imageWireSharkBoy ( 2019-07-18 15:25:19 +0000 )edit

In the packet details pane you see each level of protocol. You should see Ethernet, IP and TCP. You can click each of these in turn and see the size in the status bar at the bottom.

As for HTTP message, you might need to determine which message, depending on the capture file you're using. Does the HTTP Message include the request and response?

The HTTP transaction time is usually the time between the request going out and the response coming back. There is debate whether the time should be the start of the response or the final packet, as the response is often spread over multiple packets.

grahamb gravatar imagegrahamb ( 2019-07-18 15:52:37 +0000 )edit

i dont see the packet details pane as an option ? I only see Frame; Ethernet internet Protocol, Transmission control, Hypertext and extensible markeup language

WireSharkBoy gravatar imageWireSharkBoy ( 2019-07-18 16:12:16 +0000 )edit

See the User Guide section on the Main Window for details on the various panes and then the section on the Packet Details.

grahamb gravatar imagegrahamb ( 2019-07-18 16:19:15 +0000 )edit