2022-10-16 05:16:18 +0000 | received badge | ● Rapid Responder (source) |
2022-10-16 05:16:18 +0000 | answered a question | Npcap 1.60 will not uninstall I was finally able to uninstall Npcap and then properly re-install Wireshark with new Npcap after I rebooted my PC. |
2022-10-15 19:13:06 +0000 | commented question | Npcap 1.60 will not uninstall The error I keep getting is: Unable to load Npcap or WinPcap (wpcap.dll); you will not be able to capture packets. In or |
2022-10-15 19:13:05 +0000 | asked a question | Npcap 1.60 will not uninstall NPCap 6.0 will not uninstall I upgraded my Wireshark today and it also tried to replace my NPCap 6.0 with a new 7.1, but |
2021-08-06 05:42:57 +0000 | received badge | ● Popular Question (source) |
2021-06-26 11:57:58 +0000 | received badge | ● Famous Question (source) |
2021-06-26 11:57:58 +0000 | received badge | ● Notable Question (source) |
2021-06-26 11:57:58 +0000 | received badge | ● Popular Question (source) |
2021-06-24 02:53:55 +0000 | received badge | ● Notable Question (source) |
2021-06-24 02:53:55 +0000 | received badge | ● Popular Question (source) |
2019-12-14 14:40:32 +0000 | commented answer | Follow HTTP stream vs Follow TCP stream bug? Makes sense. Thanks for the explanation. |
2019-12-14 13:39:23 +0000 | received badge | ● Commentator |
2019-12-14 13:39:23 +0000 | commented question | Follow HTTP stream vs Follow TCP stream bug? Further analysis of that file I previously mentioned, the problem ONLY seems to occur in streams 40, 41, 43, 45, 46 and |
2019-12-14 13:05:13 +0000 | commented question | Follow HTTP stream vs Follow TCP stream bug? The file came from an old Malware-Traffic-Analysis.net file. Zipped Sniffer File The zipped file is encrypted. The passw |
2019-12-14 12:52:15 +0000 | commented question | Follow HTTP stream vs Follow TCP stream bug? The file came from an old Malware-Traffic-Analysis.net file. link text The zipped file is encrypted. The password is [in |
2019-12-13 04:33:45 +0000 | answered a question | handling 150mb pcaps I used to work with massive 800MB captures... hundreds of them. You start using tshark for management like the followin |
2019-12-13 00:31:07 +0000 | asked a question | Follow HTTP stream vs Follow TCP stream bug? Follow HTTP stream vs Follow TCP stream bug? When I view HTTP streams vs TCP streams, the displayed content varies depen |
2019-10-02 01:58:25 +0000 | commented question | No interface found (Windows 10 Build 1903) Does this happen with both Admin and non-Admin users? |
2019-08-14 00:56:14 +0000 | answered a question | What does tell between 2 ip adresses mean This is an old question, but I think you mean "How do you tell the difference between 2 IP addresses"? Is that correct? |
2019-08-14 00:34:56 +0000 | answered a question | Client /server outage Is there a load balancer in front of your server? It sounds like one load balancer/or server might fail and clients att |
2019-08-14 00:28:14 +0000 | answered a question | Wireshark not showing LAN What are the 4 displayed options you do see? What Operating System are you using? Windows or Linux? Did you install PCAP |
2019-03-03 11:49:56 +0000 | marked best answer | Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. I want to use a Tshark command to pick out the original icmp source and destination ip and dump it into a text file: Example (shortened): What Tshark command can I use to read in multiple files and only output the text source and IPs mentioned above? Cheers, |
2019-03-03 08:52:35 +0000 | received badge | ● Rapid Responder |
2019-03-03 08:52:35 +0000 | answered a question | Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. Yes, I was looking for ip.src and ip.dst and your final answer [tshark -r icmp.code4.pcapng -T fields -E occurrence=l -e |
2019-03-02 04:42:54 +0000 | commented question | Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. It's the second instance of tcp.src & tcp.dst that I'm interested in... not the first instance. The one in the ICMP |
2019-03-02 04:17:05 +0000 | asked a question | Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. I want to use a Tsha |
2018-07-24 08:36:06 +0000 | commented answer | tshark packet counter maximum value That sounds about right. I just dug up a screen capture of the counter from a few months ago and it showed 1,953,747,894 |
2018-07-24 00:38:01 +0000 | commented answer | tshark packet counter maximum value I'm currently looking at the tshark packet counter and it shows 747,345,008 packets with 297,457 packets dropped! What |
2018-07-23 07:44:59 +0000 | answered a question | wifi disconnects as wireshark starts From the DOS prompt, go to the Wireshark directory {usually under C:\Program Files\Wireshark> unless you installed it |
2018-07-23 07:10:06 +0000 | asked a question | tshark packet counter maximum value tshark packet counter maximum value When using tshark to dump to large files (i.e. 1GBytes/file) and you want to capture |