grahamb's profile - activity

Logically, the higher the packet size the less number of packets required to send a file. This is true when I try 128

wireshark\tshark version? And can you share a capture that demonstrates the issue, use a public share such as Google Dr

Use data.len as the column rather than frame.len to see the reassembled length.

What application are you hoping to extract the pre-master secret from? Have you read the info from the wiki TLS page

Is is often the case, attempting to diagnose issues with a screenshot is difficult because important information elsewhe

I have no clue about SIP and what can be modified by hops, but the SIP element has clearly been modified as the UDP payl

What OS are you using?

Images can be posted on any public share and a link to it posted back here, but debugging by screenshot is very tricky a

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Could you make both

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Is it possible to s

To grahamb What sort of network devices are in between the local and remote site? Could they be modifying the SIP me

Commented: grahamb You're using a very, very old version of Wireshark (1.6.2) that's been obsolete (and therefore u

You're using a very, very old version of Wireshark (1.6.2) that's been obsolete (and therefore unsupported) for over 7 y

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Could you make both th

What sort of network devices are in between the local and remote site? Could they be modifying the SIP message?

Bug 16759 created.

ring buffer requested but capture isn't being saved to a permanent file I've tried below 2 cases: Ubuntu commandline:

Have you unbound all protocols from the workstation NIC to make it passive? See a blog post from @Jasper here.

@Eddy CMake should write errors to the CMakeFiles\CMakeError.log which might give some clues about the compiler identifi

@cmaynard Great suggestion to look at the build slaves, in this case I would suggest the 3.2 set as the user is trying t

Formatted for better inspection: C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\\Extensions\

Path: Path=C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\\Extensions\Microsoft\IntelliCode\

No need, accepting the answer is what we like folks to do here and you've done that so job done.

Key Extraction (Help/Hint Wanted) HI all, Hope you are all safe!! I need some help with an exercise I have if anyone c

It's an area that has changed a bit recently and so a lot of third party tutorials and examples are out of date.

OK, so the CMakeLists.txt expects CMAKE_CL_64 to be TRUE, and it isn't in your case. That's set by CMake if it's using

This bit of output is odd, not sure what that means: -- The C compiler identification is unknown -- The CXX compiler id

More output: -- Selecting Windows SDK version 10.0.18362.0 to target Windows 10.0.19041. -- The C compiler identificat

-- Selecting Windows SDK version 10.0.18362.0 to target Windows 10.0.19041. -- The C compiler identification

And you should be setting QT5_BASE_DIR. Another thought, are you using a build directory that you've previously configu

After opening the prompt, the banner should look like this: ***********************************************************

How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32) Building in Window

As you haven't mentioned it yet, the Wireshark Wiki page on TLS has info about the keying material required to decrypt a

Getting outside my knowledge boundaries here, but are you terminating the ERSPAN tunnel on the PC or the core switch? A

Getting outside my knowledge boundaries here, but are you terminating the ERSPAN tunnel on the PC or the core switch? A

Have you unbound all protocols from the workstation NIC to make it passive? See this blog post from @Jasper here.

A "Certificate Request" from the server should appear between the "Server Hello" and "Server Hello Done" messages and ca

Hi, I'd like to get the hidden radio stream links in order to create my list of radios on Reciva. Any help? I'm a newbie

ESP traffic seen in clear with NULL encryption algorithm only if authentication is SHA1, not SHA25. Why ?6 hi, with encr

traffic seen clear with NULL encryption algorithm only if authentication is SHA1, not SHA25. Why ?6 hi, with encryption-

@technologyevangelist, we don't generally close questions here, instead if an answer has answered your question, please

If an answer has answered your question, please accept it for the benefit of others with the same question by clicking t

Think of all the billions of older IoT type devices and home routers etc. that know nothing about TLS 1.3. the earlier

Think of all the billions of older IoT type devices and home routers etc. that know nothing about TLS 1.3. the earlier

Wireshark is setting the protocol as TLS 1.3 because that version is supported by the client. As you imply, the server

Not really a question that can be answered here. Google is your friend, there are tons of Wireshark resources out there

See the TLS 1.3 RFC 8446, section 4.2.1 where the SupportedVersions extension is discussed. For TLS 1.3, if the Suppor