2022-10-19 12:26:37 +0000 | commented question | RST acknowledgment numbers Are these between the same source and destination ip? If the acks are the same the entire capture period, then that IP |
2022-10-19 12:26:16 +0000 | received badge | ● Rapid Responder (source) |
2022-10-19 12:26:16 +0000 | answered a question | RST acknowledgment numbers Are these between the same source and destination ip? If the acks are the same the entire capture period, then that IP |
2022-01-10 23:43:23 +0000 | asked a question | TCP Analysis - what is the "Forward Direction" TCP Analysis - what is the "Forward Direction" In section 7.5. TCP Analysis of the documentation, TCP Fast Retransmissio |
2021-03-10 18:18:10 +0000 | answered a question | How to export TCP throughput into csv over time You need to use tshark to export data over time. Check out https://www.wireshark.org/docs/man-pages/tshark.html for deta |
2020-10-03 11:43:56 +0000 | received badge | ● Popular Question (source) |
2017-12-07 00:06:02 +0000 | commented question | Capture Filters - SSL Handshake or HEX That would be a display fillter, not a capture filter. However, it would work and is worth trying to see if the data you |
2017-12-06 23:45:26 +0000 | commented question | Apparent Failure to Negotiate TCP Session Is there a limitation on the server or firewall as to the number of concurrent connections? Maybe the allowed source por |
2017-12-06 23:31:43 +0000 | commented question | help me for convert "capture filter" to "bpf" What are you trying to capture with this filter? |
2017-12-06 23:21:38 +0000 | commented answer | I capture unwanted traffic to ip 64.91.226.82 whois LIQUIDWEB. How do i trace source? Were you capturing from a span or tap? Or was this traffic in an out of your own box? |
2017-12-06 23:19:59 +0000 | received badge | ● Rapid Responder (source) |
2017-12-06 23:19:59 +0000 | answered a question | How to make wireshark pop out a file when there are a lot of tcp retransmissions? You might be able to o this with tshark , filtering on retransmissions. Then you can count the instances an determine if |
2017-12-06 23:13:20 +0000 | answered a question | Application data isn't decrypted whether I choose spdy, data, http or tcp as protocol. That is TLS, to decrypt the traffic, you have the certs and key for the site. Even then, if Diffie Helman or ECC key exc |
2017-12-06 23:06:41 +0000 | asked a question | Problem with I/O graphs Problem with I/O graphs What ever happened to the advance options for I/O graphs? All I can get from the Y access is sci |