xarzu's profile - activity

I am new to wireshark. I started watching one training video but it was long and I am looking for specific answers to questions to help in my coding job.

How is a message packet's protocol determined in wireshark? I have a .pcapng file I have been looking at and at first it seemed that the first three hex digits were the determining factor because they seemed to be unique to a protocol. But this is not the case. Instead they seem to be part of the destnation address.

Thanks in advance.

Also, just to be sure: the hexidesimal representation in teh third frame window represents the whole package without anything added or taken away, right? Is this a correct assumption?

How is a message's protocol determined in wireshark? I am new to wireshark. I started watching one training video but i

both. The answer below works for both

good job. That works !

Hello Friends,

I loaded a .pcapng file and examined the packets of data. I am working on code that uses this data and so I want to write some test code to help with this task. One step I want to make is to simulate the raw binary data that I see in the wireshark. In the wireshark UK, I am talking about the third window which shows a binary dump of data in hex format. How can I copy this data? When I tried, it only copied a text ascii representation of what is shown in the wireshark window.

I installed a hex code editor plug-in into notepad++ so that I can edit hex data by hand. But that is time consuming as it editing any hex code by hand.

I hopened the .pcapng file in hex editior and maybe this is the way to go, but it seemed as if I was looking at something that required a learning curve.

Please advise.

Can I do a binary / Hex dump from wireshark ? Hello Friends, I loaded a .pcapng file and examined the packets of data.