| 2019-11-18 07:45:00 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-18 07:45:00 +0000 | answered a question | What does a TCP zero window message implies? The first Google search result for "TCP Zero Window" shows we have a wiki page for that: TCP Zero Window. |
| 2019-11-18 07:43:03 +0000 | answered a question | How to find mapping for dissector? The reference site for the Wireshark source code is currently here. The nr-rrc dissector is an "asn1" dissector where t |
| 2019-11-18 07:43:03 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-17 21:21:16 +0000 | received badge | ● Nice Answer (source) |
| 2019-11-17 17:09:39 +0000 | answered a question | I captured what I believe is an unpatchable attack Looks to me like a SYN-ACK reflection attack, an inefficient form of DDOS. Some recent analysis of such attacks from Ak |
| 2019-11-17 17:09:39 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-17 16:48:58 +0000 | commented answer | wire shark only showing Adapter for loop back traffic capture You're welcome, but this is yet another case of the npcap service stopping for unknown reasons. Maybe we should add som |
| 2019-11-17 16:48:00 +0000 | commented answer | wire shark only showing Adapter for loop back traffic capture output: SERVICE_NAME: npcap TYPE : 1 KERNEL_DRIVER STATE : 1 STOPPED WIN32_EXI |
| 2019-11-16 21:50:44 +0000 | answered a question | Why is wireshark not detecting my network adapter? This seems like yet another duplicate question about lack of interfaces when using npcap. See here for the most recent |
| 2019-11-16 21:50:44 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-16 19:41:16 +0000 | commented question | Why is wireshark not detecting my network adapter? What do you mean by "not detecting my network"? |
| 2019-11-16 16:28:20 +0000 | commented question | How can i see the unique ID of a HTTP
packet? It's obviously 42. |
| 2019-11-16 15:46:45 +0000 | answered a question | wire shark only showing Adapter for loop back traffic capture You're running with a slightly out of date version of npap (shouldn't be an issue). As with quite a few similar questio |
| 2019-11-16 15:46:45 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-16 15:42:57 +0000 | commented question | wire shark only showing Adapter for loop back traffic capture version info: Version 3.0.6 (v3.0.6-0-g908c8e357d0f) Copyright 1998-2019 Gerald Combs <[email protected]> an |
| 2019-11-16 12:08:49 +0000 | commented question | wire shark only showing Adapter for loop back traffic capture Open the menu item Help -> About Wireshark. On the Wireshark tab highlight the text with the mouse and press Ctrl + |
| 2019-11-15 19:55:33 +0000 | commented question | tshark - replacement character? :( output: LANG=en_US.UTF-8 LANGUAGE=en_US LC_CTYPE="en_US.UTF-8" LC_NUMERIC=es_AR.UTF-8 LC_TIME="en_US.UTF-8" LC_COLLATE= |
| 2019-11-15 19:55:09 +0000 | commented question | tshark - replacement character? :( LANG=en_US.UTF-8 LANGUAGE=en_US LC_CTYPE="en_US.UTF-8" LC_NUMERIC=es_AR.UTF-8 LC_TIME="en_US.UTF-8" |
| 2019-11-15 19:11:07 +0000 | commented question | tshark - replacement character? :( OK, what's your locale, i.e. the output of locale? |
| 2019-11-15 18:36:02 +0000 | commented question | tshark - replacement character? :( What OS and what shell are you running this on? |
| 2019-11-15 12:16:47 +0000 | commented question | Could not create profiles directory These are the output of the commands total 0 drwx------ 3 root staff 96 May 30 16:55 . drwxr-xr-x+ 33 luke staff 1056 N |
| 2019-11-15 11:50:31 +0000 | commented question | Could not create profiles directory Could you start a Terminal and give us the output of the commands ls -la /Users/luke/.config and ls -la /Users/luke/.con |
| 2019-11-14 12:16:20 +0000 | commented answer | SML dissector doesn't work The SML dissector only dissects traffic over UDP or TCP. You can use text2pcap to create a pcap file. By using the opt |
| 2019-11-14 11:54:31 +0000 | commented question | Unable to decode RRC reconfiguration message You could try installing a standard release and check with that, else you'll need to share the capture. |
| 2019-11-14 11:41:34 +0000 | commented question | Unable to decode RRC reconfiguration message Version 3.0.5.lte.1910.01 (v3.0.5.lte.1910.01-0-gd4e5a60985dd) That looks like a custom build, not a standard rele |
| 2019-11-14 11:40:17 +0000 | commented question | Unable to decode RRC reconfiguration message You have to upload the capture to a public share, e.g. Google Drive, DropBox etc. and post a link back here. |
| 2019-11-14 11:20:36 +0000 | commented question | What is the unique id given to a posted packet in ws? Duplicate of https://ask.wireshark.org/question/12986/unique-id-of-a-packet/ |
| 2019-11-14 11:19:59 +0000 | commented question | Unable to decode RRC reconfiguration message Wireshark version, OS, capture file? |
| 2019-11-14 11:19:27 +0000 | edited answer | SML dissector doesn't work You need to set the dissector port (defaults to 0), either by editing the dissector preferences (Edit -> Preferences |
| 2019-11-14 11:19:17 +0000 | answered a question | SML dissector doesn't work You need to set the dissector port (defaults to ), either by editing the dissector preferences (Edit -> Preferences - |
| 2019-11-14 11:19:17 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-14 11:12:14 +0000 | edited question | SML dissector doesn't work dissector doesn't work Hello, I try to comprehend this example: https://wiki.wireshark.org/SML But for me the dissec |
| 2019-11-14 11:11:51 +0000 | edited question | SML dissector doesn't work disselector desn't work Hello, I try to comprehend this example: https://wiki.wireshark.org/SML But for me the disse |
| 2019-11-14 10:16:52 +0000 | commented answer | Installation on Win 10 failed Unfortunately not. If the installation is allowed to run then it will only update if required, however it must run. |
| 2019-11-14 09:45:19 +0000 | commented answer | Installation on Win 10 failed That number makes more sense, its 0x800704EC in hex which now looks like a Windows error. According to the MS error loo |
| 2019-11-14 09:00:50 +0000 | commented answer | Installation on Win 10 failed Can you confirm the error code, it looks a bit odd? |
| 2019-11-13 16:49:14 +0000 | commented question | Is there a way to allow wireshark to analyze the internet connection on other devices on the same network? How are the laptops connected to the network, wired or wireless? |
| 2019-11-13 15:53:25 +0000 | commented question | Wireshark unable to load customized plugin Those "errors" look to me like WinDbg reporting modules that don't have symbols available. What happens if you "continu |
| 2019-11-13 15:42:41 +0000 | answered a question | Installation on Win 10 failed Wireshark requires the Universal CRT platform component to be installed and until now I thought that this was installed |
| 2019-11-13 15:42:41 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-13 12:14:07 +0000 | commented answer | random data going to broadcast I googled UDP "27127" and UDP "1740". Note the quotes around the port numbers to only show pages that included those sp |
| 2019-11-13 11:59:15 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-13 11:59:15 +0000 | answered a question | random data going to broadcast If your environment does PLC work then these might be possible answers: The 1740-43 ports seem to be used by Codesys PL |
| 2019-11-13 11:05:27 +0000 | commented question | random data going to broadcast Can you share a capture containing the packets in question?? Use a public file share such as Google Drive, DropBox etc. |
| 2019-11-13 11:04:39 +0000 | commented answer | Different protocols recognized by tshark on Windows and Linux Note that the preference defaults are the same for all platforms, although they may have changed between versions so it' |
| 2019-11-13 10:15:47 +0000 | commented question | Wireshark unable to load customized plugin I ran wireshark with windbg i found following issue. ModLoad: 0a5d0000 0a985000 D:\wsbuild32\run\RelWithDebInfo\plugi |
| 2019-11-13 08:33:31 +0000 | answered a question | How do I extract the hex section from a pcap file? Extra ields are specified in the command by adding a -e argument with the field name, use multiple -e field.name argumen |
| 2019-11-13 08:33:31 +0000 | received badge | ● Rapid Responder (source) |
| 2019-11-13 07:56:01 +0000 | answered a question | Export filtered packets Use the menu item File -> Export Specified Packet. Guidance for the Packet Range fields this dialog can be found in |
Copyright Wireshark Foundation, 2017-2019 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.