| 2021-09-17 12:10:01 +0000 | edited question | How to add wireless encryption type as a column How to add wireless encryption to the display Hello, I would like to add the wireless encryption(wep/wpa/wpa2) to the d |
| 2021-09-16 15:34:17 +0000 | edited question | End device goes offline randomly End device goes offline randomly Hello, Currently we are having issues with a surtain type of end device that goes offl |
| 2021-09-16 08:18:07 +0000 | edited question | Lots of TCP retransmission and TCP ACKed unseen segment Windows Server 2019 Lots of TCP retransmission and TCP ACKed unseen segment Windows Server 2019 Hi everyone, We are experiencing performanc |
| 2021-09-15 12:44:27 +0000 | commented question | Where do I even look to find the reason for a "400 Bad Request" ? You can post the capture in a public share and then add a link to it back here. I can't spot the issue, but you could c |
| 2021-09-14 16:15:06 +0000 | commented question | Hello, I cannot decode ethernet traffic data which is encapsulated inside MPLS. How can I do to decode such encapsulated data ? I'm using version 3.0.6. Not sure. Are you selecting "MPLS Protocol" in the "field "column and then setting the MPLS label value (202311) in the |
| 2021-09-14 15:11:21 +0000 | commented question | Hello, I cannot decode ethernet traffic data which is encapsulated inside MPLS. How can I do to decode such encapsulated data ? I'm using version 3.0.6. Have you tried using "Decode As..." on the packets to tell Wireshark what protocol that MPLS label refers to? |
| 2021-09-14 15:03:01 +0000 | edited question | Hello, I cannot decode ethernet traffic data which is encapsulated inside MPLS. How can I do to decode such encapsulated data ? I'm using version 3.0.6. Hello, I cannot decode ethernet traffic data which is encapsulated inside MPLS. How can I do to decode such encapsulated |
| 2021-09-14 08:13:56 +0000 | commented question | no xhc20 in filter list You mention capture filter a few times, do you actually mean interface list, i.e. the list of interfaces displayed under |
| 2021-09-13 07:51:22 +0000 | edited answer | Difference in used cipher suites Ms Edge (and many other Windows applications) uses the SChannel TLS config data from the registry to determine which TLS |
| 2021-09-13 07:51:06 +0000 | edited answer | Difference in used cipher suites Ms Edge (and many other Windows applications) uses the SChannel TLS config data from the registry to determine which TLS |
| 2021-09-13 07:50:46 +0000 | answered a question | Difference in used cipher suites Ms Edge (and many other Windows applications) uses the SChannel TLS config data from the registry to determine which TLS |
| 2021-09-13 07:50:46 +0000 | received badge | ● Rapid Responder (source) |
| 2021-09-12 10:47:10 +0000 | answered a question | Can the time column represent the transmission time? No, the time column represents the time at which the capturing mechanism recorded the packet being transmitted (or recei |
| 2021-09-12 10:47:10 +0000 | received badge | ● Rapid Responder (source) |
| 2021-09-10 15:10:07 +0000 | edited question | Need Help with malware Need Help with wireshark I've been struggling with WIFI issues for two years now. It started with an email from hackers |
| 2021-09-10 15:08:40 +0000 | commented question | Need Help with malware For malware issues Wireshark is usually not the answer and so this question of off-topic. Please seek help from a malwa |
| 2021-09-09 12:57:46 +0000 | commented question | How to filter by array index using dissectors? From your comments you're using WSGD for your dissector, support for that is over there. |
| 2021-09-06 21:35:26 +0000 | commented answer | Can't decrypt 802.11ax udp packets with wpa2 See Issue 17577. |
| 2021-09-06 18:35:52 +0000 | answered a question | Can't decrypt 802.11ax udp packets with wpa2 Please raise an issue over at the Wireshark GitLab instance attaching captures and any credentials\keying material. |
| 2021-09-06 18:35:52 +0000 | received badge | ● Rapid Responder (source) |
| 2021-09-04 13:27:39 +0000 | answered a question | Does the DRDA dissector support TLS Decryption? Not currently. Enhancement requests can be raised over at the Wireshark GitLab instance. |
| 2021-09-04 13:27:39 +0000 | received badge | ● Rapid Responder (source) |
| 2021-09-01 15:06:05 +0000 | answered a question | Why are packets captured on "\Device\NPF_Loopback" shown with a red background? Likely to be because the packets contain a TCP RST. You can check which coloring rule is being used by expanding the fr |
| 2021-09-01 15:06:05 +0000 | received badge | ● Rapid Responder (source) |
| 2021-09-01 15:03:25 +0000 | edited question | Why are packets captured on "\Device\NPF_Loopback" shown with a red background? Red Flag "\Device\NPF_Loopback" Hi, i hope anyone can tell me why wireshark flags the packages on the Screenshot in re |
| 2021-09-01 14:57:26 +0000 | edited question | Why are packets captured on "\Device\NPF_Loopback" shown with a red background? Red Flag "\Device\NPF_Loopback" Hi, i hope anyone can tell me why wireshark flags the packages on the Screenshot in re |
| 2021-09-01 07:47:39 +0000 | commented question | Why are packets captured on "\Device\NPF_Loopback" shown with a red background? Your question isn't clear and your image is missing. Please post your image on a public file share, e.g. Google Drive, |
| 2021-09-01 07:46:39 +0000 | edited question | Why are packets captured on "\Device\NPF_Loopback" shown with a red background? Ref Flag "\Device\NPF_Loopback" Hi, i hope anyone can tell me why wireshark flags this packages in red. Many Thanks |
| 2021-08-31 10:13:01 +0000 | answered a question | How to enable the eCPRI packet From the menu, Analyze -> Enabled Protocols, start typing "ecpri" in the search box and then check the box next to th |
| 2021-08-31 10:13:01 +0000 | received badge | ● Rapid Responder (source) |
| 2021-08-31 09:11:05 +0000 | commented answer | Inter-Frame references using Conversations and Request/Response Obviously if the state you require isn't in the capture, then you can't complete dissection. The dissector should fail |
| 2021-08-30 16:56:40 +0000 | commented answer | CMake problems with building with with Qt 6 on Windows Try the Qt offline installers, or go to the Qt Open Source page and click the link at the button to download the on-line |
| 2021-08-30 16:51:13 +0000 | commented answer | CMake problems with building with with Qt 6 on Windows Try the Qt offline installers. |
| 2021-08-30 08:09:26 +0000 | answered a question | Inter-Frame references using Conversations and Request/Response You should look at conversations and request\response tracking. A conversation is a way to build up state from all the |
| 2021-08-30 08:09:26 +0000 | received badge | ● Rapid Responder (source) |
| 2021-08-27 19:47:28 +0000 | received badge | ● Rapid Responder (source) |
| 2021-08-27 19:47:28 +0000 | answered a question | Expired Cert for Insecure NPCAP Admin-Only mode install npcap support is over there. |
| 2021-08-27 11:40:46 +0000 | commented answer | How to filter tcp connection finish (FIN) initiated by certain IP I didn't read the question properly and the comment from @Jaap highlighted the issue, in that the user wants the occurre |
| 2021-08-27 08:12:24 +0000 | edited question | Is it possible to use ssh dissector to decrypt traffic? Is it possible to use ssh dissector wireshark(edit->preferrences) to decrypt encrypted wireshark traffic, is yes plea |
| 2021-08-27 08:11:44 +0000 | received badge | ● Rapid Responder (source) |
| 2021-08-27 08:11:44 +0000 | answered a question | Is it possible to use ssh dissector to decrypt traffic? Decryption of SSH traffic is a work in progress and also requires some effort with the ssh client to extract the keying |
| 2021-08-27 07:59:21 +0000 | answered a question | How to filter tcp connection finish (FIN) initiated by certain IP Using the display filter: (ip.src == 1.1.1.1) && (tcp.flags.fin == 1) |
| 2021-08-27 07:59:21 +0000 | received badge | ● Rapid Responder (source) |
| 2021-08-26 13:18:26 +0000 | commented question | Custom bluetooth transport implementation You don't need to access the function directly, you do it indirectly via a dissector handle obtained from either a regis |
| 2021-08-26 12:08:07 +0000 | commented question | Custom bluetooth transport implementation The "extension" mechanism for Wireshark dissectors is via dissector registration and dissector tables to minimise direct |
| 2021-08-26 11:18:11 +0000 | commented question | Custom bluetooth transport implementation Given the stack you describe, why can't your dissector call the bluetooth top-level dissector (dissect_bluetooth) which |
| 2021-08-26 10:35:51 +0000 | commented question | Custom bluetooth transport implementation Sorry for being an idiot, but I don't follow the protocol stack you have. Are you saying you have something like: you |
| 2021-08-26 09:30:37 +0000 | commented question | Custom bluetooth transport implementation I'm not very familiar with bluetooth so might be missing the point as to where your protocol fits in, but the bluetooth |
| 2021-08-25 15:30:24 +0000 | edited answer | does wireshark 3.4.7 support 3gpp release 16 for NAS? Support was added (3GPP NAS: upgrade dissector to v16.6.0) Nov 13, 2020 but not backported to the 3.4 branch. The field |
| 2021-08-25 14:11:19 +0000 | commented question | 3.4.7 cant capture, keeps saying could not be initiated on interface Can dumpcap (the part of Wireshark that communicates with npcap) list the interfaces? Using a command prompt try the fo |
Copyright Wireshark Foundation, 2017-2020 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.