Guy Harris's profile - activity

I converted your answer to a comment as it doesn't answer the question as to what happened to the wireless toolbar an

Hi, Cmaynard, thanks for your contribution. I'm on my own, and nobody touches my PC. So, no practical joke... JJ ..

How do I remove WTAP encapsulation? For the past few days, Wireshark can no longer display packets properly. All od them

It seems like Wireshark is unable to use the right dissector because it is unable to detect that the USB_Bulk message

So, with an older version of Fedora (before Fedora 29), you used to capture using the usbmon utility and display that wi

This is probably bug 14453.

That's not a feature, as far as I'm concerned. Please file a bug on that on the Wireshark Bugzilla.

icmp ttl and total_length are displayed with decimals Hello, I did a capture on my local lan and I see something very we

I.e., the answer may be "because the Wireshark developers missed something in the code that handles some settings that c

How did you capture USB traffic outside of Wireshark? Was the machine on which you couldn't capture USB traffic within

I just ran C:\Windows\system32>TRACERT.EXE 8.8.8.8 From my older Windows8 box and got this: So it works for me

I am not sure if this is based on a new baseline for the Wireshark. I am not sure if this has anything to do with W

Devices may use these addresses to obfuscate their identity, to hamper tracking. That's exactly what iOS is doing;

I am running traceroute from windows cmd prompt. traceroute, or tracert? UN*X systems tend to ship with traceroute

In particular, do you want to "measure the delay and throughput of Wireshark", meaning "how many packets per second can

Note also that any program that uses libpcap to read capture files, such as tcpdump, can read some pcapng files if it's

As for a download link to TShark, you would get it by downloading and installing Wireshark. We don't have a separate do

follow-up http://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?url=https://raw.githubusercontent.com/pcapng/pcapng/

Wireshark has an "Export Objects" mechanism, which allows data objects transported over various protocols to be written

Wireshark has an "Export Objects" mechanism, which allows data objects transported over various protocols to be written

From your other question, you're running on Windows XP. As I explained in the answer to that question, you can't select

There was a "Wireshark 2 preview" in the 1.12 Windows installers up to 1.12.1. The name "Wireshark 2 preview" is a bit

What version of Wireshark are you using?

I'd suggest starting with what the answer to the old question says. An OUI of 00:00:00 is assigned to Xerox; that eithe

@grahamb uninstalled 1.12.1 installed 1.10 for XP reinstalled WinPcap - which generated an error (as below) in the mea

Which version of Wireshark are they calling "Wireshark 2 Preview"? Wireshark 2.0 was released in November 2015, more th

Does "w." stand for "Windows" or "Wireshark"? If it stands for "Wireshark", on what operating system are you running Wi

And you'll need to install an X11 server, such as Xquartz, to use the legacy Wireshark. (That's one reason why we stopp

If this is the same as this question, the answer is probably also the same - for one thing, in some locales, including I

how to read the summary results in Wireshark 1.12.7 (Biasanya lebih baik bertanya dalam bahasa Inggris daripada dal

"can't seem to access the USB ports" as in "I can't capture on them" or as in "I can try to capture on them but no packe

("You" here refers to the person who asked the question.) Note also that, if this network is a "protected" Wi-Fi networ

I infer from Jasper's answer that the service is "npf" for WinPcap and "npcap" for Npcap; you used "npf", so I'm inferri

I just launched Wireshark after my laptop was rebooted, and the launch time has shrunk significantly. I was wonderi

As it turns out, C:\Program Files\Wireshark\extcap exists, but is EMPTY. You probably didn't install the extcap pro

Your problem might be with extcap. Jasper's problem is with *pcap. As this is Windows, Wireshark is probably installed

Note that, as per bug 15126, there are two parts to "Finding local interfaces" - there's finding the interfaces that lib

"ip broadcast" means "the destination IP address is a broadcast address". As RFC 922 indicates, there are multiple type

It might be possible to set it with the -o flag, but we don't have very good documentation on setting preferences in gen

Those are mostly properties of an asynchronous serial line; a protocol running on an asynchronous serial line might spec

This may be a bug in the Mojave driver; at least some MacBooks have problems with monitor mode in Mojave. File a bug wi