number of packets jumped rapidly, why ?
I was sitting in an internet cafe shop in Thailand (I'm not Thai). All I did on the computer were opening Duckduckgo.com to search for Wireshark, OBS Studio and installing them. After running Wireshark, I saw the number of packets increased very fast.
There was no program running, but the number of packets jumped rapidly (video https://www.youtube.com/watch?v=2xoBF...) and then Wireshark got malfunctioned. Could somebody explain what's going on ?
In the video the Task Manager shows a lot of network activity in the "Ethernet" graph (several Mbps). So it makes sense that Wireshark will show "increasing very fast" packet rate as well.
You were also coping something to the F: drive. Is this a NAS or file share? Or was OBS writing to a network drive? According to iana port 3260 is used by the iSCSI protocol (disk IO over network)
So you had three programs running using a lot of resources; Explorer, Wireshark and OBS. When the packet rate is very high and with "update list of packets in real-time" option enabled the GUI part of Wireshark may temporary become unresponsive. Is that what you mean by "got malfunctioned"?
@André The large number of packets per second isn't from copying a file to F drive. The file is pcap file saved from previous section. It can be seen in my #1 video https://www.youtube.com/watch?v=a9hmz... in which no file was being copied, but the number of packets still jumped rapidly.
Maybe examining the traffic in capture file would show what happened.
@grahamb I already checked the captured files (links in the video), but they don't show much information because they only show that 95% of the captured packets happened between my client computer and the managing computer of the shop owner. But the shop owner was sleeping on his chair, he must not have done something causing this rapid increase in captured packets.
A video is pretty much useless for analysis, you'll need to provide the capture file. You can upload it to a public file share and post a link to it back here. You may want to anonymise the file first e.g. using TraceWrangler.