Chuckc's profile - activity

Is there a rule in Windows firewall to allow the GRE packets in?

Are you de-encapsulating the packets on the subnet "B" switch or sending to the PC IP address? ERSPAN – My New Favorite

Have you tried with a more current version of Wireshark (now at 3.2.5) and npcap (now at 0.9995)?

Has the system been configured to run without root? Platform-Specific information about capture privileges Running Wires

Check comments on this question for links to beginner videos.

dumpcap -D (upper case D)

dumpcap -D (upper case D)

It would be nice to export the key log file from the command line with tshark or wireshark but not supported. Peter's (@

So it requires Wireshark to be running, not just installed?

Previous versions of npcap available here. Extra work but would then be apples to apples comparison.

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

Sorry - just now got it - "I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to

Since Guy was able to help with installing Editcap, moving the keys discussion back to the original question "How do I a

Are you looking specifically for DTLS test files or would regular TLS be ok?

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

Installing Wireshark under macOS - "See the included Read me first.html file for more details." Source adoc file for th

"It appears that just installing Npcap doesn't seem to help." When installing just npcap, what version was it? Wireshar

Can you add the output of wireshark -v or Help->About Wireshark:Wireshark. Not the answer but another example of Wir

Can you add the output of wireshark -v or Help->About Wireshark:Wireshark.

The JPEG and PNG end of file markers are all present in client_1 and client_2 captures. You could export them (File -&g

The JPEG and PNG end of file markers are all present in client_1 and client_2 captures. You could export them (File -&g

(link to the loopback capture is pointing to server_2 not loopback.pcapng) In the loopback capture: tcp.port==6000 &

Embedding decryption secrets in a pcapng file

https://wiki.wireshark.org/TLS?highlight=%28TLS%29#Embedding_decryption_secrets_in_a_pcapng_file

Is there a proxy in the middle that's changing the client port number? TCP offload on the server makes it difficult to

From the old Answer site: tshark is decrypting data but output pcap file still has encrypted data

(not an answer but related: Bug 14639 - TShark output isn't always usable as text2pcap input Removing the "-V" and sendi

Can you go a down a layer and look at the MAC addresses in the Ethernet header?

"I can use ipconfig in command window." Can you add this to the question comments?

(Duplicate of this one) Wireshark license/trademark "Wireshark and the "fin" logo are registered trademarks of the Wir

(Duplicate of this one) Wireshark license/trademark "Wireshark and the "fin" logo are registered trademarks of the Wir

(Duplicate of this one) Wireshark copyright "Wireshark and the "fin" logo are registered trademarks of the Wireshark F

The Wireshark install directory may not be in your path. Typical (not always) is C:\Program Files\Wireshark.

Do any of the other devices on the subnet (192.168.0.54, 192.168.0.55, 192.168.0.61, 192.168.0.62) respond to a ping fro

Still digging. Similar issue here on the nmap/npcap email list. On Windows, Wireshark is calling npcap to get the inter

Still digging. Similar issue here on the nmap/npcap email list. On Windows, Wireshark is calling npcap to get the inter

Still digging. Similar issue here on the nmap/npcap email list.

Are you able to access the network interfaces from a command window on the virtual machine?

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

I think you are at the mercy of the logic in the code. Maybe one of the developers will weigh in on this. Until then, t

Looks like an IPv6 address. Info here on the Wireshark Wiki.

Have you tried making a capture of the SSH connection to see why it's failing? Could it be similar to this issue and the

Bug opened here

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---

There's nothing special about mmdbresolve.exe. It just happens to be at the top of the deletion stack: uninstall.nsi ---