This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Invoke who.is from WireShark capture

0

I've been using WireShark of late and find it very, very useful. I realize I can enable DNS resolution, but a lot of IPs do not get resolved.

Is there a way, from the WireShark interface, to invoke a who.is function that would bring up the browser as if I had typed in who.is ip.address?

I spend a lot of time bringing up a browser and copying/pasting the IP address into who.is to get all the info. Is there a plugin for such a thing? I have some coding experience. Is it possible to code such a thing for WireShark?

For me, this would be very useful.

Thanks for any tips/ideas.

asked 10 Feb '15, 09:12


larryralph
11223
accept rate: 0%


One Answer:

0

> Is there a way, from the WireShark interface, to invoke a who.is function that would bring up the browser as if I had typed in who.is ip.address?

That functionality is not implemented, however it would be a pretty cool feature and it could look like this:

  • select any field (ip.addr, tcp.port, whatever)
  • right click the item
  • from the pop-up menu, select

    • "External Tools" -> "ping"
    • "External Tools" -> "whois lookup"
    • "External Tools" -> "ssh"

"External Tools" would contain user-defined external programs, started by Wireshark with the field as parameter ("ping %ip", "firefox.exe http://who.is/lookup=%ip", etc.).

As it does not make sense to run ping on a tcp port, the menu shall only show those external commands that use an adequate parameter for the selected field, like %ip, %port, etc.

> I have some coding experience. Is it possible to code such a thing for WireShark?

If you can implement that yourself, go ahead! As I said, that would be a pretty cool feature.

Otherwise, please file an enhancement bug at https://bugs.wireshark.org

Regards
Kurt

answered 11 Feb '15, 04:09


Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 11 Feb '15, 04:09
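
The "External Tools" idea sketched in the answer, as an added example that is not Wireshark code or part of the original post: it filters the menu by placeholder and validates the packet-derived value before it reaches a command line, since a captured field is untrusted input. The table layout, the field-to-placeholder mapping and all function names are assumptions made for illustration.

```python
import ipaddress
import shlex

# Templates quoted from the answer; the table itself is hypothetical.
EXTERNAL_TOOLS = {
    "ping": "ping %ip",
    "whois lookup": "firefox.exe http://who.is/lookup=%ip",
    "ssh": "ssh %ip",
}
# Assumed mapping from a selected field to the placeholder it can fill.
FIELD_KINDS = {"ip.addr": "%ip", "ip.src": "%ip", "ip.dst": "%ip",
               "tcp.port": "%port", "udp.port": "%port"}

def _ip(value):
    if "%" in value:  # refuse IPv6 zone ids, which may carry arbitrary text
        raise ValueError("scoped address rejected")
    return str(ipaddress.ip_address(value))  # ValueError on anything else

def _port(value):
    port = int(value, 10)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return str(port)

VALIDATORS = {"%ip": _ip, "%port": _port}

def tools_for_field(field):
    """Menu entries whose template needs only what the selected field provides."""
    kind = FIELD_KINDS.get(field)
    return sorted(
        name for name, tpl in EXTERNAL_TOOLS.items()
        if kind in tpl and not any(p in tpl for p in VALIDATORS if p != kind)
    ) if kind else []

def build_argv(tool, field, value):
    """Return an argv list for subprocess.run(argv), never a shell string."""
    if tool not in tools_for_field(field):
        raise ValueError(f"{tool!r} does not accept {field}")
    kind = FIELD_KINDS[field]
    safe = VALIDATORS[kind](value)  # canonical text, or ValueError
    # Split the template first, substitute second: the value stays one argument.
    return [arg.replace(kind, safe) for arg in shlex.split(EXTERNAL_TOOLS[tool])]

if __name__ == "__main__":
    print(tools_for_field("ip.addr"))
    print(build_argv("whois lookup", "ip.addr", "192.0.2.10"))  # constructed sample
```

The returned list is meant to be handed to `subprocess.run(argv)` without `shell=True`, so nothing in the field value is ever interpreted by a shell.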