2023-12-01 19:43:25 +0000 | commented answer | Can Wireshark capture traffic exchanged between two programs through TCP ports on the same machine? (or by using the any interface.) ...if you also want traffic on all the other network adapters, not just traffic be |
2023-12-01 19:29:44 +0000 | commented answer | Can Wireshark capture traffic exchanged between two programs through TCP ports on the same machine? (And for those on UN*Xes, you would capture on the loopback interface, called lo on Linux and lo0 on most other UN*Xes.) |
2023-11-18 19:54:12 +0000 | received badge | ● Rapid Responder (source) |
2023-11-18 19:54:12 +0000 | answered a question | Nordic BLE Sniffer Logs Stuck So I'm using the Nordic BLE sniffer with the included plugin to capture logs for a specific device. After sometime (s |
2023-11-16 08:27:20 +0000 | commented answer | usbpcap cannot be found after the wireshark4.0.10 source code is compiled. In the cmakelists.txt file of the wireshark4.0.10 source code, there is no relevant option for USBPCAP, indicating th |
2023-11-15 20:39:01 +0000 | answered a question | How to suppress ASCII length when using tshark to output TCP streams? Is it possible to get rid of the ASCII length (245) in such outputs? Not without modifying Wireshark source code. |
2023-11-15 20:39:01 +0000 | received badge | ● Rapid Responder (source) |
2023-11-15 19:46:50 +0000 | received badge | ● Rapid Responder (source) |
2023-11-15 19:46:50 +0000 | answered a question | PCAP Interpretation Which section of packet provides this information? That depends on the protocol. I need to do this as I am read |
2023-11-15 00:53:07 +0000 | commented answer | What does KO mean in HTTP Load Distribution Statistics? In my case I was trying to hunt down HTTP requests that were getting no response from the server. I wonder if they wo |
2023-11-15 00:51:20 +0000 | edited answer | What does KO mean in HTTP Load Distribution Statistics? What does the KO mean. As @Chuckc's response suggests, it means "not OK". I might suggest that a better string sho |
2023-11-13 20:24:58 +0000 | commented question | Cannot resolve hostname when using tshark What version are you using? There was a bug about that, filed against Wireshark 2.6.0; the fix was also backported to t |
2023-11-13 20:04:36 +0000 | received badge | ● Rapid Responder (source) |
2023-11-13 20:04:36 +0000 | answered a question | What does KO mean in HTTP Load Distribution Statistics? What does the KO mean. As @Chuckc's response suggests, it means "not OK". I might suggest that a better string sho |
2023-11-10 19:52:42 +0000 | commented question | Zsh Bus error in wireshark Do you mean "my shell is zsh, and when I run Wireshark, it reports a "Bus error"? If so, then 1) the shell is probably |
2023-11-08 20:28:44 +0000 | commented question | How to build tshark as a shared library, like libtshark.so? More precisely, what you want to use is the "read a pcap file, dissect the packets, and produce JSON objects for the dis |
2023-11-03 23:40:42 +0000 | commented answer | Trouble with running Wireshark (Promiscuous mode) 1.74 contains the real fix (1.73 contains a change from somebody named "Guy Harris" that fixed a problem that said someb |
2023-11-02 05:57:22 +0000 | received badge | ● Rapid Responder (source) |
2023-11-02 05:57:22 +0000 | answered a question | DNP Malformed Packets and Write, Unknown Could this be a dissector error in Wireshark Yes, it could be. or is this a true protocol implementation error |
2023-10-30 01:42:50 +0000 | commented question | Packet capture in this case Are you trying to embed packet capture in your app, even if the machine isn't plugged into a desktop or laptop computer, |
2023-10-27 20:59:23 +0000 | commented question | Same IP address but different MAC addresses LAN ------ FIREWALL------SERVERS There appear to be two networks there, one of which is the LAN into which the fire |
2023-10-27 19:43:03 +0000 | received badge | ● Rapid Responder (source) |
2023-10-27 19:43:03 +0000 | answered a question | ISDN Q.931 direction not visible in Call Flow Diagram Does anyone know, what causes this problem? Not for certain, but one possibility is "a bug in Wireshark". Please f |
2023-10-27 19:31:51 +0000 | commented question | Same IP address but different MAC addresses Is your packet capture being done on a machine on the same LAN segment as the server or on a segment bridged to the segm |
2023-10-27 19:29:18 +0000 | edited question | Same IP address but different MAC addresses Same IP but different Mac Hi all "I'm facing an issue in my network, and after a packet capture, I identified something |
2023-10-13 20:51:27 +0000 | commented question | Converting floating-point MMS What grahamb asked for was a network capture, not a picture. |
2023-10-13 20:51:06 +0000 | commented question | Converting floating-point MMS What graham asked for was a network capture, not a picture. |
2023-10-13 20:50:39 +0000 | commented question | Converting floating-point MMS What graham asked for was a network capture, not a picture. |
2023-10-13 20:50:00 +0000 | commented answer | Converting floating-point MMS Yes, the code for floating-point items needs to be redone. Please file a bug about this on the Wireshark issues list, a |
2023-10-13 19:45:45 +0000 | commented answer | Why can't I export a PCAPNG to K12 format? So what I'm really trying to do is edit those packets so I can replay them. So in what fashion are you trying to re |
2023-10-13 19:20:17 +0000 | commented question | How to capture the packets go thru E1/T1 interface that attached to windows server 2008 with Wireshark? When you say "E1/T1 interface that attached to windows server 2008", are you referring to a hardware device that is conn |
2023-10-11 23:13:54 +0000 | received badge | ● Rapid Responder (source) |
2023-10-11 23:13:54 +0000 | answered a question | Why can't I export a PCAPNG to K12 format? K12 text format is not some special file format that supports all packet encapsulations handled by Wireshark. (There is |
2023-10-10 19:07:24 +0000 | edited question | how to restore after clicked disable IEEE 802.11 how to restore after clicked disable IEEE 802.11 I accidentally clicked disable IEEE 802.11 and my wireshark file became |
2023-10-10 19:07:10 +0000 | edited question | how to restore after clicked disable IEEE 802.11 how to restore after clicked disable IEEE 820:11 I accidentally clicked disable IEEE 820:11 and my wireshark file became |
2023-10-09 08:32:49 +0000 | commented answer | How to store information in previous packet to decode next packet in lua script You could store the values in a global table indexed by packet number. Which is similar to how most if not all diss |
2023-10-08 09:24:38 +0000 | commented answer | Expert Information - Severity Error For example, I had the message "New fragment overlaps old data". TCP Recamouflage Mission Error. I think that's mor |
2023-10-08 07:47:40 +0000 | answered a question | Expert Information - Severity Error If I set the packets under the respective error filter to Ignore, does this go into the network or is this ignored in |
2023-10-08 07:47:40 +0000 | received badge | ● Rapid Responder (source) |
2023-10-05 22:37:43 +0000 | commented answer | How to reduce size of file so as to open in Wireshark What software did you use to unzip the file and to extract the log files? |
2023-10-05 22:00:12 +0000 | commented answer | How to reduce size of file so as to open in Wireshark From the documentation I found for "adb download", it appears that what that command stores on your machine is a zip fil |
2023-10-05 21:43:54 +0000 | commented answer | How to reduce size of file so as to open in Wireshark I apologize for the length of my answer, but I did not know how to better explain my predicament. (It's a comment, |
2023-10-05 21:35:24 +0000 | commented answer | How to reduce size of file so as to open in Wireshark I used software from this website link text to transfer the btsnoop_hci.log file from my Android smartphone to my Window |
2023-10-05 21:27:36 +0000 | received badge | ● Rapid Responder (source) |
2023-10-05 21:27:36 +0000 | answered a question | example code packet-sf19.c build - no display SF19 protocol I install the Wireshark development using the Visual Studio 2002 Presumably meaning "Visual Studio 2022", not "2002 |
2023-10-05 21:15:47 +0000 | commented answer | changing label of second packet bytes pane page creates tvb with unique names which are displayed on the tab labels in the packet bytes. Note that tvbs don't thems |
2023-10-05 21:15:20 +0000 | commented answer | changing label of second packet bytes pane page creates tvb with unique names which are displayed on the tab labels in the packet bytes. Note that tabs don't thems |
2023-10-05 09:51:25 +0000 | commented question | changing label of second packet bytes pane page Unfortunately I have to manage the reassembly of certain frames and in particular create a new TVB object for this, w |
2023-10-04 22:05:03 +0000 | answered a question | How to reduce size of file so as to open in Wireshark "The capture file appears to be damaged or corrupt. (btsnoop: File has 385941504-byte packet, bigger than maximum of |
2023-10-04 22:05:03 +0000 | received badge | ● Rapid Responder (source) |