Ask Your Question

Chuckc's profile - activity

2020-08-03 16:12:05 +0000 commented question How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Is there a rule in Windows firewall to allow the GRE packets in?

2020-08-03 15:43:31 +0000 commented question How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Are you de-encapsulating the packets on the subnet "B" switch or sending to the PC IP address? ERSPAN – My New Favorite

2020-08-03 04:54:30 +0000 commented question Windows 10 - No Interfaces found

Have you tried with a more current version of Wireshark (now at 3.2.5) and npcap (now at 0.9995)?

2020-08-03 04:51:23 +0000 commented question what is this error? "Couldn't run /usr/bin/dumpcap in child process: Permission denied"

Has the system been configured to run without root? Platform-Specific information about capture privileges Running Wires

2020-07-30 20:09:08 +0000 commented question I need to learn how to read and understand a wireshark packet capture output.

Check comments on this question for links to beginner videos.

2020-07-30 20:03:32 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

dumpcap -D (upper case D)

2020-07-30 20:03:15 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

dumpcap -D (upper case D)

2020-07-30 19:57:47 +0000 commented answer How do I add keys (that I already have) to a packet capture?

It would be nice to export the key log file from the command line with tshark or wireshark but not supported. Peter's (@

2020-07-30 17:07:34 +0000 commented question Network Problem Resolved Itself After Wireshark Install

So it requires Wireshark to be running, not just installed?

2020-07-30 15:28:57 +0000 commented question Network Problem Resolved Itself After Wireshark Install

Previous versions of npcap available here. Extra work but would then be apples to apples comparison.

2020-07-30 06:45:03 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

2020-07-30 06:44:46 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

2020-07-30 06:39:06 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

2020-07-30 06:27:48 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

2020-07-30 06:23:49 +0000 commented answer Editcap not found on mac osx

Since Guy was able to help with installing Editcap, moving the keys discussion back to the original question "How do I a

2020-07-30 04:17:50 +0000 commented answer Editcap not found on mac osx

Are you looking specifically for DTLS test files or would regular TLS be ok?

2020-07-29 22:05:03 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

2020-07-29 22:04:19 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

2020-07-29 22:03:51 +0000 commented answer How do I add keys (that I already have) to a packet capture?

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

2020-07-29 21:11:07 +0000 commented question Network Problem Resolved Itself After Wireshark Install

"It appears that just installing Npcap doesn't seem to help." When installing just npcap, what version was it? Wireshar

2020-07-29 20:41:05 +0000 commented question Network Problem Resolved Itself After Wireshark Install

Can you add the output of wireshark -v or Help->About Wireshark:Wireshark. Not the answer but another example of Wir

2020-07-29 20:37:53 +0000 commented question Network Problem Resolved Itself After Wireshark Install

Can you add the output of wireshark -v or Help->About Wireshark:Wireshark.

2020-07-29 01:45:07 +0000 commented question "TCP Previous Segment not captured" occurs and the client stop reading the last few bytes from inputstream under high concurrency environment in android(java)

The JPEG and PNG end of file markers are all present in client_1 and client_2 captures. You could export them (File -&g

2020-07-29 01:31:17 +0000 commented question "TCP Previous Segment not captured" occurs and the client stop reading the last few bytes from inputstream under high concurrency environment in android(java)

The JPEG and PNG end of file markers are all present in client_1 and client_2 captures. You could export them (File -&g

2020-07-29 00:57:05 +0000 commented question "TCP Previous Segment not captured" occurs and the client stop reading the last few bytes from inputstream under high concurrency environment in android(java)

(link to the loopback capture is pointing to server_2 not loopback.pcapng) In the loopback capture: tcp.port==6000 &

2020-07-28 23:42:04 +0000 commented question How do I add keys (that I already have) to a packet capture?

Embedding decryption secrets in a pcapng file

2020-07-28 23:41:06 +0000 commented question How do I add keys (that I already have) to a packet capture?

https://wiki.wireshark.org/TLS?highlight=%28TLS%29#Embedding_decryption_secrets_in_a_pcapng_file

2020-07-28 20:25:35 +0000 commented question "TCP Previous Segment not captured" occurs and the client stop reading the last few bytes from inputstream under high concurrency environment in android(java)

Is there a proxy in the middle that's changing the client port number? TCP offload on the server makes it difficult to

2020-07-28 05:56:55 +0000 commented question How does tshark export decrypted ssl pcap files instead of log files

From the old Answer site: tshark is decrypting data but output pcap file still has encrypted data

2020-07-28 05:54:23 +0000 commented question How does tshark export decrypted ssl pcap files instead of log files

(not an answer but related: Bug 14639 - TShark output isn't always usable as text2pcap input Removing the "-V" and sendi

2020-07-27 16:26:57 +0000 commented question Determine the Packet Direction (Inbound or Outbound)

Can you go a down a layer and look at the MAC addresses in the Ethernet header?

2020-07-27 15:07:08 +0000 commented question cannot see Ethernet access point when Wireshark runs on a virtual machine

"I can use ipconfig in command window." Can you add this to the question comments?

2020-07-25 17:14:37 +0000 commented question Copyrights for Taking screenshots of Riverbed software and wireshark software

(Duplicate of this one) Wireshark license/trademark "Wireshark and the "fin" logo are registered trademarks of the Wir

2020-07-25 17:13:56 +0000 commented question Copyrights for Taking screenshots of Riverbed software and wireshark software

(Duplicate of this one) Wireshark license/trademark "Wireshark and the "fin" logo are registered trademarks of the Wir

2020-07-25 17:13:03 +0000 commented question Copyrights for Taking screenshots of Riverbed software and wireshark software

(Duplicate of this one) Wireshark copyright "Wireshark and the "fin" logo are registered trademarks of the Wireshark F

2020-07-25 02:42:14 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

The Wireshark install directory may not be in your path. Typical (not always) is C:\Program Files\Wireshark.

2020-07-24 23:43:42 +0000 commented question Last few days my PING is really high on Lan

Do any of the other devices on the subnet (192.168.0.54, 192.168.0.55, 192.168.0.61, 192.168.0.62) respond to a ping fro

2020-07-24 23:09:54 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

Still digging. Similar issue here on the nmap/npcap email list. On Windows, Wireshark is calling npcap to get the inter

2020-07-24 22:52:24 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

Still digging. Similar issue here on the nmap/npcap email list. On Windows, Wireshark is calling npcap to get the inter

2020-07-24 22:37:38 +0000 commented question Wireshark sees a few interfaces that I cannot find in the Windows registry, where does Wireshark get its list of interfaces?

Still digging. Similar issue here on the nmap/npcap email list.

2020-07-24 21:36:27 +0000 commented question cannot see Ethernet access point when Wireshark runs on a virtual machine

Are you able to access the network interfaces from a command window on the virtual machine?

2020-07-24 21:21:04 +0000 commented question How to Determine Low Level Filter

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

2020-07-24 21:20:47 +0000 commented question How to Determine Low Level Filter

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

2020-07-24 21:20:17 +0000 commented question How to Determine Low Level Filter

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

2020-07-24 19:24:14 +0000 commented question I'm not seeing IP addresses, I'm seeing addresses like 2600:6c46:6880:3500:5c:e170:ab8f:1711

Looks like an IPv6 address. Info here on the Wireshark Wiki.

2020-07-24 04:21:35 +0000 commented answer SSH remote capture private key can't connect

Have you tried making a capture of the SSH connection to see why it's failing? Could it be similar to this issue and the

2020-07-24 04:14:14 +0000 commented question uninstall - mmdbresolve.exe could not be removed

Bug opened here

2020-07-23 22:22:35 +0000 commented answer uninstall - mmdbresolve.exe could not be removed

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---

2020-07-23 22:22:16 +0000 commented answer uninstall - mmdbresolve.exe could not be removed

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---

2020-07-23 22:21:51 +0000 commented answer uninstall - mmdbresolve.exe could not be removed

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---