2024-09-25 13:05:52 +0000 | answered a question | Capture the cURL (https://curl.se/) request (header and body) initiated by Postman REST API client In the Postman GUI you can view the HTTP headers send and received, in the tab labelled "Headers". When using curl the |
2024-09-25 13:05:52 +0000 | received badge | ● Rapid Responder (source) |
2024-09-22 15:44:29 +0000 | commented question | Why is my network traffic visible on loopback interface but not Ethernet in Wireshark capture? Is it supposed to communicate to the outside world (Ethernet interface) in plain text? Or is it encrypted (using TLS)? I |
2024-09-21 19:13:18 +0000 | answered a question | Packets shown as SSL Use the 'Decode As' functionality to force decoding as the protocol of your choice. Useful when the heuristic selection |
2024-08-18 10:18:30 +0000 | received badge | ● Rapid Responder (source) |
2024-08-18 10:18:30 +0000 | answered a question | Error unknown (0xC05D0001) in SMB2 Tree Connect Response Please open an issue at https://gitlab.com/wireshark/wireshark/-/issues/ |
2024-08-08 18:59:33 +0000 | received badge | ● Rapid Responder (source) |
2024-08-08 18:59:33 +0000 | answered a question | VLAN tagged frames not able to see in the Wireshark capture. Next to the MonitorModeEnabled = 1 setting in the registry, as described on the Intel page, you also need to disable the |
2024-08-07 17:02:37 +0000 | commented question | Wireshark remote capture The npcap loopback adapter can be used to capture traffic on the loopback interface. Thus traffic that remains inside yo |
2024-07-28 10:45:24 +0000 | commented question | How do you uninstall Wireshark on Windows? What Operating System are you using? E.g. on Windows there is a uninstall-wireshark.exe in the directory where Wireshar |
2024-07-27 16:06:51 +0000 | answered a question | Interfaces with asterisk - what is it? The Windows native command ipconfig /all will most likely also show interfaces with names ending with an asterisk. (So i |
2024-07-20 16:25:38 +0000 | answered a question | Confusing swap of text2pcap in/outbound addresses Without the -D option, but with -i option, all packets are considered inbound. So for outbound they must be swapped. Yo |
2024-07-12 18:34:28 +0000 | answered a question | Trouble converting string number to number with tonumber() function on This should work on both PCs, with either English or German locale. By resetting the locale to the default ("C"), thus |
2024-07-12 18:34:28 +0000 | received badge | ● Rapid Responder (source) |
2024-06-09 10:13:08 +0000 | answered a question | Write java code example to make capture and dissect packets Not a Wireshark question. Try googling 'slytechs' instead. |
2024-06-09 10:13:08 +0000 | received badge | ● Rapid Responder (source) |
2024-05-20 18:34:59 +0000 | received badge | ● Rapid Responder (source) |
2024-05-20 18:34:59 +0000 | answered a question | Can wire shark be used on iPhone XR? Not directly. One option is to send the traffic through a proxy like mitmproxy, another is to use a Remote Virtual Inte |
2024-04-27 10:22:29 +0000 | received badge | ● Rapid Responder (source) |
2024-04-27 10:22:29 +0000 | answered a question | Filter first and last packet in all conversations This display filter will show all the first captured packet per TCP stream: tcp.time_relative == 0 Thus including strea |
2024-04-20 16:51:54 +0000 | commented answer | Wireshark Portable does not start in "Program Files (Portable)" folder What happens when you put it in a folder without a space in the name? Are you using a pathname in double-quotes to laun |
2024-04-09 17:43:07 +0000 | commented question | visual c++ redistributable installer failed with error 5 Which version of Wireshark are you trying to install? One google search on your text and I got: https://ask.wireshark.or |
2024-04-04 20:35:25 +0000 | received badge | ● Rapid Responder (source) |
2024-04-04 20:35:25 +0000 | answered a question | ERROR: Both --etlfile and --params arguments are empty There is already an issue open for that: https://gitlab.com/wireshark/wireshark/-/issues/19451 Bottom line: don't selec |
2024-03-21 19:57:22 +0000 | edited answer | using tshark with huge display filters There is no option to read the display filter from a file instead. The Windows command line length is limited to 32,767 |
2024-03-21 19:51:31 +0000 | received badge | ● Rapid Responder (source) |
2024-03-21 19:51:31 +0000 | answered a question | using tshark with huge display filters There is no option to read the display filter from a file instead. The Windows command line length is limited to 32,767 |
2024-03-08 13:27:58 +0000 | edited answer | Unable to open PCAP file Either the file you try to open is corrupt or it does not contain a proper pcap header. On Linux the command file is av |
2024-03-08 13:24:52 +0000 | answered a question | Unable to open PCAP file Either the file you try to open is corrupt or it does not contain a proper pcap header. |
2024-03-08 13:24:52 +0000 | received badge | ● Rapid Responder (source) |
2024-02-28 19:51:28 +0000 | commented question | How To Correct My Public IP Address Not Showing UP? To see your public IP-address go to https://api.ipify.org/ When doing this from behind a device that does NAT (Network |
2024-02-28 19:51:09 +0000 | commented question | How To Correct My Public IP Address Not Showing UP? To see your public IP-address go to https://api.ipify.org/ When doing this from behind a device that does NAT (Network A |
2024-02-25 13:21:04 +0000 | edited answer | Does the wireshark installer actually DL from from NA? Actually you are blocking IP-ranges, not counties. With the current shortage of IPv4 addresses, IP-ranges are traded mo |
2024-02-25 13:19:51 +0000 | received badge | ● Rapid Responder (source) |
2024-02-25 13:19:51 +0000 | answered a question | Does the wireshark installer actually DL from from NA? Actually you are blocking IP-ranges, not counties. With the current shortage of IPv4 addresses, IP-ranges are traded mo |
2023-12-09 10:09:39 +0000 | commented question | There is no password being sent to the router for admin login on a tp-link router The very first HTTP GET request you posted here is for a CSS (base.css). It appears that this is after the actual login. |
2023-12-04 16:58:08 +0000 | commented answer | Getting thousands of errors while linking Wireshark with QT library Wireshark version >= 4.2 should be compiled using Qt6. See https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWi |
2023-12-01 19:34:32 +0000 | commented answer | Can Wireshark capture traffic exchanged between two programs through TCP ports on the same machine? (or by using the any interface.) |
2023-12-01 08:16:09 +0000 | answered a question | Can Wireshark capture traffic exchanged between two programs through TCP ports on the same machine? Yes, select the "Adapter for loopback traffic capture" interface on Windows. I am of the opinion that this wouldn't |
2023-11-29 22:55:20 +0000 | edited answer | Why won't this Chrome TLS handshake work? I see 2 TLS sessions. The first: The client (browser) closes the session after 30 seconds (frame 809). Most likely a t |
2023-11-29 22:54:42 +0000 | edited answer | Why won't this Chrome TLS handshake work? I see 2 TLS sessions. The first: The client (browser) closes the session after 30 seconds (frame 809). Most likely a t |
2023-11-29 22:52:49 +0000 | received badge | ● Rapid Responder (source) |
2023-11-29 22:52:49 +0000 | answered a question | Why won't this Chrome TLS handshake work? I see 2 TLS sessions. The first: The client (browser) closes the session after 30 seconds (frame 809). Most likely a t |
2023-11-29 09:36:06 +0000 | edited answer | Is it possible to read multiple pcap file using a loop inside the main function of tshark.c? argv[3] is a pointer, it is NOT a char array to store a string in. And argv is declared as char* argv[], which means "an |
2023-11-28 22:46:59 +0000 | answered a question | Fix: Unable to access memory when renamed main function and call it in a loop in new main function. I guess you have to ask Akib Hossain Omi for support on his project. If you have problems compiling using the Wireshark |
2023-11-28 22:26:43 +0000 | edited answer | Is it possible to read multiple pcap file using a loop inside the main function of tshark.c? argv[3] is a pointer, it is NOT a char array to store a string in. And argv is declared as char* argv[], which means "an |
2023-11-28 22:24:17 +0000 | answered a question | Is it possible to read multiple pcap file using a loop inside the main function of tshark.c? argv[3] is a pointer, it is NOT a char array to store a string in. And argv is declared as char* argv[], which means "an |
2023-11-28 21:47:27 +0000 | commented answer | TLS1.2 RST After Server Key Exchange, Server Hello Done So there is an F5 and Netscaler in the network path. If the F5 is in full-proxy mode and the Netscaler does deep-packet |
2023-11-27 22:24:05 +0000 | commented answer | Wireshark doesn't see packets when just one system is 'local' No. It is not a hub. See https://wiki.wireshark.org/CaptureSetup/Ethernet#switched-ethernet |
2023-11-27 21:37:38 +0000 | commented question | Wireshark doesn't see packets when just one system is 'local' If I read the VM documentation correctly a "distributed port group" is just a virtual switch. Then it makes sense that t |