Anders's profile - activity

2025-04-06 07:54:13 +0000 commented answer How to get list of all IP addresses on my network

Your home router may provide a list of connected devices in its admin gui.

2025-04-03 05:43:13 +0000 commented question Extraction of Ethernet packets from .blf file

It should be possible to read .blf files with the developer version of Wireshark.

2025-04-03 05:43:00 +0000 commented question Extraction of Ethernet packets from .blf file

It should be possible to read .blf files with the developer version of Wireshark.

2025-04-03 05:42:33 +0000 commented question Extraction of Ethernet packets from .blf file

It should be possible to read .blf files with the developer version of Wireshark.

2025-03-31 10:22:32 +0000 answered a question how Wireshark determines the protocol of each packet or flow when decoding a given pcap file.

It depends on the protocol. As an example ethernet has an ethertype field which indicates the next protocol. This is not

2025-03-31 10:22:32 +0000 received badge  Rapid Responder (source)
2025-03-26 13:59:28 +0000 commented answer High CPU Usage in 4.4.x

You could try a development build from https://www.wireshark.org/download/automated/win64/ https://www.wireshark.org/do

2025-03-24 09:16:40 +0000 commented question High CPU Usage in 4.4.x

Is this a network mounted file?

2025-03-18 10:59:03 +0000 commented question TS 24501-j11 version Analysis Support

That should be available in the development version. You can try https://www.wireshark.org/download/automated/win64/Wire

2025-03-17 11:24:37 +0000 answered a question TS 24501-j11 version Analysis Support

I think it is handled with this commit https://gitlab.com/wireshark/wireshark/-/merge_requests/19321

2025-03-16 09:32:58 +0000 commented question TS 24501-j11 version Analysis Support

https://www.3gpp.org/ftp/Specs/archive/24_series/24.501/

2025-02-27 17:56:06 +0000 commented answer "Unknown GSMTAP version" Info in Wireshark Version 4.4.4

Possibly the version check should be changed to warn about unknown version then try version 2.

2025-02-06 10:45:16 +0000 commented question IEC 61869-9 Sampled Values support

Do you have the preference "Force decoding of seqData as PhsMeas" set?

2025-01-28 12:21:23 +0000 commented answer Decoding SIP as raw texts

No, I suspect esp is with null algorithm e.g. not encrypted there is a preference for it but I don't remember the exact w

2025-01-28 12:21:02 +0000 commented answer Decoding SIP as raw texts

No, I suspect esp is with null algorithm e.g. not encrypted there is a preference for it but I don't remember the exact w

2025-01-28 12:07:38 +0000 answered a question Decoding SIP as raw texts

Look at the esp preferences.

2025-01-28 12:07:38 +0000 received badge  Rapid Responder (source)
2025-01-28 12:07:35 +0000 answered a question Decoding SIP as raw texts

Look at the esp preferences.

2025-01-28 12:07:35 +0000 received badge  Rapid Responder (source)
2024-10-29 11:18:33 +0000 commented answer Which version of Lua to compile LuaExpat for use with WireShark

4.4 comes with lua 5.4

2024-10-15 06:40:05 +0000 commented question TCP length value is more than negotiated MSS

https://blog.securityonion.net/2011/10/when-is-full-packet-capture-not-full.html?m=1

2024-10-03 15:06:18 +0000 received badge  Rapid Responder (source)
2024-10-03 15:06:18 +0000 answered a question How to set packet timestamp in a dissector

Rather than sending the packets over udp you could have your program write them in pcap-ng file format and analyze the r

2024-09-06 14:18:12 +0000 answered a question Can you help me how to enable wireshark packet capture on this Virtual box using Ubuntu?

Did you set up your user for capturing? $ sudo apt-get install wireshark $ sudo dpkg-reconfigure wireshark-common $ su

2024-09-06 14:18:12 +0000 received badge  Rapid Responder (source)
2024-08-04 21:46:47 +0000 commented answer Out of Tree Dissector Build Problems on Windows

Just some comments: Once you have compiled Wireshark and your plugin recompiling is not that slow. As we prefer builtin

2024-08-04 10:13:38 +0000 answered a question Out of Tree Dissector Build Problems on Windows

The easiest is probably to edit CMakeListsCustom.txt.example in the top level dir and rename it CMakeListsCustom.txt I d

2024-07-03 08:00:56 +0000 commented answer Updated RFC 7268 and RFC 7155 RADIUS dictionary files

Radius files have been significantly updated/changed in master. Try a development build.

2024-06-09 19:33:11 +0000 answered a question capture and dissect packets java code example

https://www.jnetpcap.com/ has nothing to do with wireshark. You will have to ask them.

2024-06-09 19:33:11 +0000 received badge  Rapid Responder (source)
2024-03-01 20:55:33 +0000 commented question Installing wireshark/tshark on Linux Debian

https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable

2024-01-28 20:36:02 +0000 commented question VM Win 11 Wireshark is not working

I'd look at how the vm nic is connected to the physical nic connecting to the switch span port.

2023-12-28 22:17:51 +0000 commented answer 5gc/http2/data(nas&ngap)

Can you open an issue and share a trace?

2023-12-21 14:10:59 +0000 answered a question 5gc/http2/data(nas&ngap)

That should be working. Do you see the http2 messages decoded properly?

2023-04-13 07:32:30 +0000 answered a question Last-UE-Activity-Time AVP over S6a in IDA message

Hi, I think your timestamp is in UNIX epoch, The Unix epoch (or Unix time or POSIX time or Unix timestamp) is the number

2023-04-13 07:10:02 +0000 commented question How to fulfill GPLv2 license when distributing Plugins?

If you plan to make the code public why not work with the Wireshark developers and offer your code as a MR instead?

2022-12-15 14:45:16 +0000 commented question how to dissect X711 CMIP traffic ?

So maybe decode as TPKT on TCP level?

2022-12-15 14:43:45 +0000 commented question how to dissect X711 CMIP traffic ?

This trace https://wiki.wireshark.org/uploads/__moin_import__/attachments/SampleCaptures/p772-transfer-success.pcap show

2022-12-15 14:43:12 +0000 answered a question how to dissect X711 CMIP traffic ?

This trace https://wiki.wireshark.org/uploads/__moin_import__/attachments/SampleCaptures/p772-transfer-success.pcap show

2022-12-15 14:43:12 +0000 received badge  Rapid Responder (source)
2022-09-09 05:35:29 +0000 commented answer Definition of dissector_rfc

Possibly the if("tree") should be removed as we have other optimizations now.

2022-09-09 05:33:54 +0000 commented answer Definition of dissector_rfc

Not that I know of.

2022-09-08 14:16:02 +0000 received badge  Rapid Responder (source)
2022-09-08 14:16:02 +0000 answered a question Definition of dissector_rfc

Hi, I think the problem is if we have a tree or not, there is plenty of if( c->tree). In the second example no tree i

2022-08-09 08:26:50 +0000 commented question what's necessary to have Wireshark 3.6.2 rpm install find dependencies?

If it's centos7 I think the original cmake may be too old and you need cmake3

2022-08-06 07:37:32 +0000 commented question what's necessary to have Wireshark 3.6.2 rpm install find dependencies?

Perhaps the dependencies do not have the correct versions?

2022-08-02 12:57:05 +0000 answered a question Wireshark v2.6.4 EOS date

https://wiki.wireshark.org/Development/LifeCycle it went eol 2018...

2022-08-02 12:57:05 +0000 received badge  Rapid Responder (source)