Compress capture file creates issues?
Is there issues related to using zip to compress a capture file? Is it a normal practice and is there any data loss when done from windows zip?
Is there issues related to using zip to compress a capture file? Is it a normal practice and is there any data loss when done from windows zip?
First of all ZIP is a lossless data compression format, so no, there is no data loss compressing a capture file.
For archiving purposes it may be beneficial to compress a capture file, so that it takes less space in storage, obviously.
Wireshark can read compressed capture files straight from disk. It uses ZLib for this, so unless the Windows ZIP implementation does something non-standard that should be fine.
There's Zip format and there's gzip format. Wireshark can read gzip format, using zlib; it can't read Zip format.
If you use gzip compression, instead of zip, Wireshark is able to read the compressed file directly. Both gzip and zip uses lossless data compression, thus no data loss.
You may use a tool like 7zip to create gzip compressed files on Windows.
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2020-10-20 16:45:04 +0000
Seen: 930 times
Last updated: Oct 26 '20
how do you read wireshark capture files?
number of web sessions, DNS interactions information from a capture file
Verify large files via Extract HTTP Objects
Recovering corrupt packet captures
url Decode i need to find a way to decode this reverse shell commands was used by attacker [closed]
tshark: Look-up and modify all IP fragments during capture from and writing to pipes? [closed]
Can't Store packets in SSLkeylogfile