2021-04-15 09:17:09 +0000 | received badge | ● Rapid Responder (source) |
2021-04-15 09:17:09 +0000 | answered a question | Unknown protocol -- "pn_rt" Works for me. Profinet is provided by a plugin dissector, I suspect the tshark instance you're running somehow doesn't |
2021-04-15 08:06:34 +0000 | edited question | Unknown protocol -- "pn_rt" Unknown protocol -- "pn_rt" i am in linux environment ,when i run command below [[email protected] test]$ tshark -r |
2021-04-15 08:06:11 +0000 | commented question | Unknown protocol -- "pn_rt" tshark version info? |
2021-04-14 11:21:59 +0000 | edited question | why protocol result is 0x8892 not PNIO-PS why protocol result is 0x8892 not PNIO-PS in linux environment if user/test the column protocol is 0x8892 [[email protected] |
2021-04-14 10:36:50 +0000 | commented question | why protocol result is 0x8892 not PNIO-PS Possibly different configurations per user, are you sure they are running the same tshark binary? |
2021-04-14 09:42:32 +0000 | commented question | why protocol result is 0x8892 not PNIO-PS "use test or root" what are are test and root, different captures? |
2021-04-14 09:41:38 +0000 | edited question | why protocol result is 0x8892 not PNIO-PS why protocol result is 0x8892 not PNIO-PS my command is: tshark -r test.pcapng -Y "eth.addr==00:60:65:16:4f:22 && |
2021-04-13 20:39:56 +0000 | commented answer | How to remove email from bugs.wireshark.org? And possibly the Wayback Machine and whatever other TLA organisations have cached it. |
2021-04-13 16:33:28 +0000 | edited question | Unable to capture packets on Surface Mobile Broadband adaptor Unable to capture packets on Surface Mobile Broadband adaptor Some info: Driver version: 12.35.25.169 Windows version: |
2021-04-13 16:33:05 +0000 | edited question | Unable to capture packets on Surface Mobile Broadband adaptor Unable to capture packets on Surface Mobile Broadband adaptor Driver version: 12.35.25.169 Windows version: Windows |
2021-04-13 09:34:04 +0000 | commented question | Time deltas from previous frames are zeros System performance might be a reason for the differences. |
2021-04-13 07:59:01 +0000 | commented question | Time deltas from previous frames are zeros The issue is the granularity of the timestamping mechanism used by the capture library, in this case npcap, and the gran |
2021-04-12 19:53:22 +0000 | commented question | tshark -T ek or JSON output: # tshark -v TShark 1.10.14 (Git Rev Unknown from unknown) |
2021-04-12 11:03:59 +0000 | commented question | How can I patch a DDoS attack with a pcap? Hex string of what, the whole packet, or a portion of it? Note that it's likely that every packet is different, so ther |
2021-04-12 10:34:30 +0000 | commented question | How can I patch a DDoS attack with a pcap? If you're dropping packets with IP tables, the DDoS attack is already hitting that system, you need to take action furth |
2021-04-12 10:30:02 +0000 | received badge | ● Rapid Responder (source) |
2021-04-12 10:30:02 +0000 | answered a question | compound filter Display filters only operate on the information in a single frame, to decide whether that frame should be displayed or n |
2021-04-12 08:29:51 +0000 | commented question | extcap capture filter input check You might also post to the dev mailing list, see here. |
2021-04-11 19:41:59 +0000 | commented question | How can I patch a DDoS attack with a pcap? Your question doesn't make sense. A pcap is a file containing captured traffic, it can't be used to patch anything. Ma |
2021-04-10 12:31:33 +0000 | commented question | same packet decoded as different UDP/RTP between MacOS and other linux machine Re the profile and -C <config profile>, to copy settings from the newer version on the mac to the older version on |
2021-04-10 12:27:50 +0000 | commented question | how do I use the capture feature to see my ip address? What have you tried? |
2021-04-09 19:14:36 +0000 | commented question | same packet decoded as different UDP/RTP between MacOS and other linux machine The <config profile> is actually a directory named after the profile that contains the profile specific versions o |
2021-04-09 14:45:12 +0000 | commented question | Why does wireshark display the same timestamp for all frames? So using npcap 1.10. There is an old closed issue on their tracker here discussing timestamping that might help. Regar |
2021-04-09 14:40:30 +0000 | commented question | Why does wireshark display the same timestamp for all frames? Hi, Thank you for the replies. Here is the capture from wireshark: 3.4.4 (v3.4.4-0-gc33f6306cbb2) Compiled (64-bit) w |
2021-04-09 14:29:00 +0000 | answered a question | capture interface not displayed You haven't created an additional interface, you've just added an IP, so the interfaces list in Wireshark will still sho |
2021-04-09 14:29:00 +0000 | received badge | ● Rapid Responder (source) |
2021-04-09 13:48:38 +0000 | commented question | Why does wireshark display the same timestamp for all frames? Wireshark displays (and calculates) times using the values in the capture file. The times in the capture file are place |
2021-04-09 07:59:41 +0000 | commented question | same packet decoded as different UDP/RTP between MacOS and other linux machine I don't know if this is causing the issue, but Wireshark always does a 2-pass dissection and tshark, by default, only do |
2021-04-08 14:20:23 +0000 | received badge | ● Rapid Responder (source) |
2021-04-08 14:20:23 +0000 | answered a question | Sniffing COM Ports with Wireshark How do the IP packets get to a UART? If you don't want to disturb the network, then use a separate network tap and a sy |
2021-04-08 09:28:11 +0000 | received badge | ● Rapid Responder (source) |
2021-04-08 09:28:11 +0000 | answered a question | Windows 10 - no interfaces found You're still running an outdated version of npcap (from your info: with Npcap version 0.995). The new install of 3.4.4 |
2021-04-08 09:25:16 +0000 | commented question | Windows 10 - no interfaces found now the version is 3.4.4 but it is the same. Version 3.4.4 (v3.4.4-0-gc33f6306cbb2) Copyright 1998-2021 Gerald Combs |
2021-04-08 09:23:55 +0000 | edited question | Windows 10 - no interfaces found no interfances found I opened the wireshark then no interfaces found. I click about wireshark but there is no dialog. th |
2021-04-08 08:28:51 +0000 | commented question | Wireshark dissect information but not display in the dissect Do you have a preceding call to add the item to the tree as well? Again, look at how the tcp dissector does it in packe |
2021-04-08 08:25:54 +0000 | commented question | Wireshark dissect information but not display in the dissect You use the return value from proto_tree_add_item() as the argument for the PROTO_ITEM_SET_HIDDEN() call, e.g. txxx = p |
2021-04-08 08:21:49 +0000 | commented question | Windows 10 - no interfaces found You're running quite an old version of Wireshark that is no longer supported (see the Wiki LifeCycle page). You're also |
2021-04-08 08:14:12 +0000 | commented question | Windows 10 - no interfaces found About details: Version 3.0.3 (v3.0.3-0-g6130b92b0ec6) Copyright 1998-2019 Gerald Combs <[email protected]> a |
2021-04-07 21:59:31 +0000 | commented answer | Do you have a hash of your install files? I thought the download area used to have .asc or .sig files, but I may be imagining that. The announcement of each vers |
2021-04-07 21:56:10 +0000 | edited answer | How could I potentially export the actual binary file from a POST request? I'm not entirely sure your file will show up here, but you can try from the menu, File -> Export Objects -> HTTP . |
2021-04-07 21:55:18 +0000 | received badge | ● Rapid Responder (source) |
2021-04-07 21:55:18 +0000 | answered a question | How could I potentially export the actual binary file from a POST request? From the menu, File -> Export Objects -> HTTP ... and then select the object. More info in the User Guide here. |
2021-04-07 18:23:09 +0000 | edited answer | Do you have a hash of your install files? For the current release it's as detailed on the download page, in the "Verify Downloads" section. Note that all the ins |
2021-04-07 18:22:32 +0000 | received badge | ● Rapid Responder (source) |
2021-04-07 18:22:32 +0000 | answered a question | Do you have a hash of your install files? For the current release it's as detailed on the download page, in the "Verify Downloads" section. |
2021-04-07 16:33:26 +0000 | commented question | Wireshark dissect information but not display in the dissect The issue is likely to be in your code, it's used extensively in the codebase, e.g. packet-tcp.c where among other thing |
2021-04-07 14:17:43 +0000 | commented question | No interfaces found in WINDOWS 10 PRO @hugo.vanderkooij, that's why I asked the "about" contents, it shows us what the user has installed. |
2021-04-07 09:33:07 +0000 | edited question | Reset of FTP data transfer Reset of FTP data transfer Hi all, I'm troubleshooting random resets happening occasionally during FTP data transfer wh |
2021-04-07 09:03:25 +0000 | commented question | No interfaces found in WINDOWS 10 PRO Do NOT, ever, run with admin privileges, it's not required on Windows. Can you post the contents of the Help -> Abou |