Ask Your Question

Spooky's profile - activity

2019-04-16 17:53:24 +0000 received badge  Rapid Responder (source)
2019-04-16 17:53:24 +0000 answered a question RTP Packet Lost

Hi Anas, I've answered a similar question about previous segment not being captured. TCP segment not capture may be no

2019-04-09 17:02:03 +0000 received badge  Rapid Responder (source)
2019-04-09 17:02:03 +0000 answered a question Because the IP WAN appears in the source column and not the LAN

Hi, Not really a Wireshark question but I'm going to guess you are seeing the effect of NAT. (en español) You are prob

2019-03-27 01:55:49 +0000 answered a question Filter only NS and NA messages that used only in DAD (duplicate address detection process) in IPv6?

Hi Ahmed, I can't think of a way to filter NS and NA used for DAD because these ICMPv6 packets are the exact same forma

2019-03-21 19:43:42 +0000 edited answer What the display filter to only see traffic for a particular website?

Hi, This is how I do it but there are probably other (better?) ways. Capture all traffic when you are browsing to the

2019-03-15 01:05:13 +0000 received badge  Rapid Responder (source)
2019-03-15 01:05:13 +0000 answered a question TCP connection unexpected reset

Hi, It is interesting that the tablet initiating the TCP connection is the device sending the TCP RST. It could mean t

2019-03-13 03:04:28 +0000 received badge  Rapid Responder (source)
2019-03-13 03:04:28 +0000 answered a question Save or print dialogs (expert information, statistics) to text

Hi, You should be able to perform a right click on any lines in the expert information and see a "Copy" menu. The expe

2019-02-28 21:24:32 +0000 answered a question I cant capture packets when running Wireshark on a Raspberry pi

Hi, You probably need elevated privileges to see the interfaces in "Raspbian". I suggest you read this article. https

2019-02-28 21:17:11 +0000 commented question Can't see the requests starting from my pc

Can you provide more details about your setup? How and where do you capture? If you are capturing on your own PC or lap

2019-02-28 21:14:01 +0000 commented answer Using wireshark how do i identify an unknown devices ip/mac.

You need to figure out your MAC address so know that it is yours and not the CCTV device's MAC.

2019-02-28 21:14:01 +0000 received badge  Commentator
2019-02-28 21:12:52 +0000 edited answer Using wireshark how do i identify an unknown devices ip/mac.

Hi, If you are running WS on your laptop and capturing when it is plugged in the CCTV device then you should not have a

2019-02-28 21:11:47 +0000 received badge  Rapid Responder (source)
2019-02-28 21:11:47 +0000 answered a question Using wireshark how do i identify an unknown devices ip/mac.

Hi, If you are running WS on your laptop and capturing when it is plug in the CCTV device then you should not have a to

2019-02-28 20:34:40 +0000 answered a question Capture all traffics that is connected to home modem

Hi Mohamad, If you need to capture all traffic going through your modem then your best bet is to capture using a TAP be

2019-02-28 20:34:40 +0000 received badge  Rapid Responder (source)
2019-02-27 01:07:39 +0000 answered a question How to capture network activity on iOS simulator?

Hi Jinesh, The simulator app will use the Mac NIC (wired or wireless, you need to know when you capture) to reach the o

2019-02-26 00:07:17 +0000 answered a question What the display filter to only see traffic for a particular website?

Hi, This is how I do it but there are probably other (better?) ways. Capture all traffic when you are browsing to the

2019-02-25 23:48:45 +0000 commented answer How to find size of file downloaded?

Hi, I looked at the PCAP. It looks like something is wrong on the client (browser) side because we see it sends TLS 1.

2019-02-19 01:48:40 +0000 answered a question IO Graph Y-Axis

Hi, You seem to be running a newer version of Wireshark but looking at older I/O Graph references. Running version 2.6

2019-02-19 01:48:40 +0000 received badge  Rapid Responder (source)
2019-02-19 01:09:51 +0000 answered a question How to find size of file downloaded?

Hi, This will be difficult because www.7-zip.org is using HTTPS. If the file was downloaded over HTTP then you could s

2019-02-14 04:04:34 +0000 received badge  Rapid Responder (source)
2019-02-14 04:04:34 +0000 answered a question Video Buffer

Hi, TCP segment not capture may be normal if they are seen at the beginning of a capture or at least if you started cap

2019-02-14 03:48:12 +0000 answered a question troubleshooting Bad TCP

Hi, If you are playing online then most of your gaming traffic will be UDP packets. So filtering "BadTCP" will probably

2019-02-14 03:48:12 +0000 received badge  Rapid Responder (source)
2019-02-06 20:16:43 +0000 received badge  Rapid Responder (source)
2019-02-06 20:16:43 +0000 answered a question WiFi camera > Wireshark tcp dissect, data assembly > video player

Hi Darius, You can probably use Wireshark manually or a shell scripting language available on your platform to call tsh

2019-01-31 04:15:21 +0000 answered a question DNS amplification attack

Hi, A DNS amplification attack usually means that you are seeing "a lot" of DNS responses for queries that did not orig

2019-01-31 03:53:31 +0000 commented question TCP Retransmission PSH ACK

+1 on the certificates and encryption setup as possible culprit

2019-01-31 03:49:39 +0000 commented question Anyone know of a blacklisted IP database?

Hi Betty, If you only need a short list then there is Talos intelligence from Cisco. https://www.talosintelligence.com

2019-01-30 02:02:51 +0000 answered a question Is it Possible to filter A to B bps N/A or vice-versa in conversation?

Hi, I'm not sure what "N/A bps" is here but if you are going to Statistics then Conversations you can filter any of the

2019-01-30 01:56:14 +0000 answered a question Tracert command

Hi, You are correct. The Time To Live (TTL) field in the Internet Protocol (IP) headers will limit how many hops a pack

2019-01-30 01:32:56 +0000 commented question TCP Retransmission PSH ACK

Hi, My understanding is that you have a load balancer (LB) with a virtual IP (VIP) listening on port 8443 for HTTPS tra

2019-01-30 00:53:09 +0000 commented answer how to extract information of each video frames in a video streaming with Wireshark?

Hi Bonnie, It is hard to tell without having the actual PCAP in front of me. The remaining parts may be the original i

2019-01-30 00:52:06 +0000 commented answer how to extract information of each video frames in a video streaming with Wireshark?

Hi Bonnie, It is hard to tell without having the actual PCAP in front of me. The remaining parts may be the original i

2019-01-29 02:37:36 +0000 received badge  Rapid Responder (source)
2019-01-29 02:37:36 +0000 answered a question how to extract information of each video frames in a video streaming with Wireshark?

Hi, First keep in mind that there are a lot of different video formats out there and that Wireshark may or may not be a

2019-01-29 01:59:13 +0000 commented question windows routing and remote access server

Hi, I'm a bit confused by the explanation so let me state my understanding: You are on a host on the same network as t

2018-11-10 04:21:39 +0000 edited answer How I could capture the traffic of my smartphone or tablet

Hi, You may be able to capture some traffic by using a TAP on the link going from your router to your "Internet.” (To y

2018-11-10 04:20:15 +0000 received badge  Rapid Responder (source)
2018-11-10 04:20:15 +0000 answered a question How I could capture the traffic of my smartphone or tablet

Hi, You may be able to capture some traffic by using a TAP (https://www.instructables.com/id/Make-a-Passive-Network-Tap

2018-11-09 03:29:17 +0000 received badge  Rapid Responder (source)
2018-11-09 03:29:17 +0000 answered a question SYN followed by PSH ACK with incorrect ACK sequence number

Hi, There should always be a 3-way handshake when starting a new TCP connection. (Corner cases exist but are very rar

2018-11-06 20:54:28 +0000 received badge  Teacher (source)
2018-11-06 03:36:30 +0000 commented question client hangs no reset received

Did you try capturing on the egress and ingress interface of the firewall? Is it possible the firewall no longer has th

2018-11-06 03:17:14 +0000 answered a question TCP ACKed unseen segment

Hi Each [TCP ACKed unseen segment] means that you captured a TCP ACK packet but did not capture the actual data that w