Wireshark/tshark: calculating Windows 10 desktop uptime

wireshark
tcp
Timestamp

asked 2020-04-03 17:19:59 +0000

alohawireshark
7 ●4 ●4 ●7

updated 2020-04-03 17:20:22 +0000

I'm interesting in tracking/calculating the uptime of a Windows 10 desktop computer using TCP packet header information. I read about using the TSecr field. However, both tcp.options.timestamp.tsval and tcp.options.timestamp.tsecr return blank information.

1.Is it possible to calculate machine uptime using other fields?

I've read that Windows is using "TCP Receive Window Auto-Tuning" instead of TCP timestamps to achieve the same performance objectives that timestamps were once used for.

2.Can I use features related to "TCP Receive Window Auto-Tuning" to calculate machine uptime? What fields would those be?

edit retag flag offensive close merge delete

add a comment

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account.

Wireshark/tshark: calculating Windows 10 desktop uptime

Be the first one to answer this question!

Question Tools

Stats

Related questions

Wireshark/tshark: calculating Windows 10 desktop uptime edit

Be the first one to answer this question!

Question Tools

Stats

Related questions

Wireshark/tshark: calculating Windows 10 desktop uptime