Wireshark on disabling TCP dissector shows a different packet [closed]

asked 2018-03-08 15:51:43 +0000

onceuponadime gravatar image

updated 2018-03-08 15:54:09 +0000


I have a Wireshark capture in which there is a TCP packet that is not categorized as HTTP. However, on opening the packet, I am able to observe a 200 OK. When I disable the TCP dissector to merge multiple streams, it shows the same packet as HTTP packet with 200 OK. This particular packet is only one single TCP stream. I do not see any other TCP packet which was a part of this packet had it not been merged. The packet number is 94 which I observe the issue with.

Wireshark capture at this link http://s000.tinyupload.com/?file_id=0...

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by onceuponadime
close date 2018-03-08 16:26:41.593165


Yet another site I can't access from my corporate network.

Security risk blocked for your protection 
Reason: This Websense category is blocked: Malicious Web Sites. Sites in this category may pose a security threat to network resources or private information, and are blocked.

Someone else will have to look at this, or you could possibly try to attach the capture file here using one of the tricks I described in my answer to an old question here.

cmaynard gravatar imagecmaynard ( 2018-03-08 16:15:18 +0000 )edit

Never mind, I found the answer here https://osqa-ask.wireshark.org/questi...

onceuponadime gravatar imageonceuponadime ( 2018-03-08 16:26:33 +0000 )edit