Ask Your Question

Jaap's profile - activity

2020-05-25 17:36:40 +0000 commented question Big SSL Packets Due to List of CAs. Improve SSL Handshake

Sharing the capture file on a publicly accessible site makes analysing this issue so much better.

2020-05-25 13:25:36 +0000 edited question Wireshark crashes every time when saving files

Wireshark crashes every time when saving files Running on Win8.1, the PC is a Dell Precision 3800. Already uninstalled D

2020-05-25 13:24:50 +0000 edited question Wireshark crashes every time when saving files

WireShark crashes every time when saving files Runnin8 on win 8.1, The pc is a Dell Precision 3800. already uninstalled

2020-05-23 20:01:06 +0000 answered a question dumpcap - get packet drop report periodically

You can send it SIGINFO to provoke it printing the stats. Conditions apply, see source code.

2020-05-23 20:01:06 +0000 received badge  Rapid Responder (source)
2020-05-22 06:46:58 +0000 received badge  Rapid Responder (source)
2020-05-22 06:46:58 +0000 answered a question Can I pull ip's using ethernet

This and this should have answered a simple Google search.

2020-05-21 07:10:55 +0000 commented question winflexbison installer has malware?

It could also be a false positive, it sometime happens.

2020-05-15 06:38:06 +0000 answered a question what are the HW specification for best Wireshark performance

Let's see, what helps: CPU: Speed is nice, to process possible lot of data. many cores is less relevant since processi

2020-05-15 06:38:06 +0000 received badge  Rapid Responder (source)
2020-05-15 06:25:24 +0000 answered a question Anyconnect & Windows 10 laptop

What you are missing is the fact that it's the capture engine, either WinPcap or Npcap, that is relevant here. They way

2020-05-15 06:25:24 +0000 received badge  Rapid Responder (source)
2020-05-13 22:02:35 +0000 received badge  Rapid Responder (source)
2020-05-13 22:02:35 +0000 answered a question How can I get the flow count from a pcap file ?

Probably the Conversations in the Statistics menu should give you a pretty good insight.

2020-05-13 06:54:40 +0000 received badge  Rapid Responder (source)
2020-05-13 06:54:40 +0000 answered a question Could wireshark set the capture size for every packet ?

Have a look at snaplen in the capture options, as described in the Users Guide

2020-05-12 20:59:12 +0000 commented question Wireshark not capturing traffic asking for ssh key

You can post a picture or rather a capture file on any file sharing service you like and post a publicly accessible link

2020-05-11 18:53:33 +0000 received badge  Rapid Responder (source)
2020-05-11 18:53:33 +0000 answered a question Best current books to learn Wireshark and Network Engineering

Try this one: Practical Packet Analysis, by Chris Sanders.

2020-05-10 11:21:28 +0000 commented question USB Adapter with packet drops

During your ipref test, was the interface in promiscuous mode? That seems to be a differentiator here.

2020-05-08 08:04:46 +0000 commented question What to do with large ICMP packets?

A little more detail on the type of ICMP and/or other traffic from that outside IP would be helpful.

2020-05-07 20:55:43 +0000 edited question What to do with large ICMP packets?

What to do with large ICMP packets? What do I see if I use Wireshark to log traffic on my network and I notice a number

2020-05-07 20:55:42 +0000 edited question What to do with large ICMP packets?

What do I see if I use wireshark to log traffic on my network and I notice a number of packets being directed to an inte

2020-05-06 06:10:26 +0000 edited question RTP packet delay

RTP packet delay Hello, i want to ask how to calculate transmission delay for every RTP packet that was captured by Wire

2020-05-06 06:09:56 +0000 answered a question Is that possible to write a user-defined script to analyze the whole packages?

These statistics make use of the tapping mechanism, so depending on the specifics of your protocol a suitable tap may be

2020-05-06 06:09:56 +0000 received badge  Rapid Responder (source)
2020-05-06 05:58:54 +0000 commented question How do I fix this helper program for basic admin tool?

This sound totally unfamiliar, so please post a screenshot or two somewhere on an image or file sharing site and add lin

2020-05-06 05:57:47 +0000 edited question How do I fix this helper program for basic admin tool?

Whenever I try launching my Wireshark it keeps asking me to allow helper program for basic admin tool and when I press Y

2020-05-06 05:57:46 +0000 edited question How do I fix this helper program for basic admin tool?

Whenever I try launching my Wireshark it keeps asking me to allow helper program for basic admin tool and when I press Y

2020-05-05 15:58:33 +0000 answered a question Can I tell if TCP traffic was sent by a firewall and not one of the hosts?

Sometimes the IP TTL can give a clue. Sometimes the timing of the packets as well. As usual, it depends.

2020-05-05 15:58:33 +0000 received badge  Rapid Responder (source)
2020-05-05 15:56:06 +0000 answered a question Query on wireshark terms/license

Everything is based in the GPL version 2. What it comes down to is that it's a license on distribution, i.e., if you dis

2020-05-05 15:56:06 +0000 received badge  Rapid Responder (source)
2020-05-01 20:39:27 +0000 commented question remove modbus packets/filter modbus

Save the display packets, how?

2020-05-01 05:45:25 +0000 commented question So im using windows 7 and i keep getting no interface found

Besides Windows 7 it would be a good idea to provide some more details on what you're working with, i.e. Wireshark versi

2020-04-30 20:35:33 +0000 commented question Capturing OpenFlow Traffic in Mininet

That won't work because the Mininet VM's are equipped with very old Wireshark 1.10.6, which does not have the OpenFlow d

2020-04-30 20:33:53 +0000 received badge  Rapid Responder (source)
2020-04-30 20:33:53 +0000 answered a question Capturing OpenFlow Traffic in Mininet

What you see is the X11 traffic on the loopback as well. The best approach would be to setup a capture filter to only c

2020-04-30 08:05:16 +0000 commented question Unable decode RSA

Does this sound in accordance to your test scenario: Session resumption using Session ID

2020-04-30 06:35:44 +0000 commented question Unable decode RSA

Did you read through the log, was there anything that didn't match your expectation?

2020-04-29 12:13:06 +0000 commented question Sniff usb with non-root user under Ubuntu 18.04

What does /sbin/getcap /usr/bin/dumpcap say?

2020-04-28 08:30:02 +0000 received badge  Rapid Responder (source)
2020-04-28 08:30:02 +0000 answered a question pcap file containing cryptcat conversation

You'll have to have a look at the cryptcat source code (to be found on SourceForge) to see how they bolted on encryption

2020-04-28 06:55:26 +0000 commented question pcap file containing cryptcat conversation

What have you tried so far?

2020-04-26 20:29:51 +0000 commented answer Print selected packets to text file isn't working on Windows

How do you get different numbers on the "Selected packets only" row. Do you have a display filter active?

2020-04-26 19:00:42 +0000 answered a question Print selected packets to text file isn't working on Windows

You have to select something(s) of the packet format on the right of the dialog.

2020-04-26 19:00:42 +0000 received badge  Rapid Responder (source)
2020-04-26 09:20:51 +0000 answered a question Will actually support GQUIC version Q046?

There's a bug open for this but the implementation was not finished. As in a community project, it is community members

2020-04-26 09:20:51 +0000 received badge  Rapid Responder (source)
2020-04-26 07:03:36 +0000 received badge  Rapid Responder (source)