Highest Voted 'wireshark' Questions

102

votes

4 answers

How to filter http traffic in Wireshark?

I suspect my server has a huge load of http requests from its clients. I want to measure the volume of http traffic. How can I do it with Wireshark? Or probably there is an alternative solution using another tool? This is how a single http…

traffic wireshark

asked Dec 21 '09 at 08:22

par

1,273

80

votes

4 answers

How to make wireshark filter POST-requests only?

http wireshark filter packet-capture protocol-analyzer

asked Sep 08 '11 at 19:37

Ilya Smagin

903

57

votes

9 answers

How can I sniff the traffic of remote machine with wireshark?

I can sniff the traffic of my local pc but I would like to know how to I sniff the traffic of a remote machine by wireshark? When in capture option I select remote interface and enter my remote ip show me error.code(10061). What should I do?

wireshark

asked Feb 22 '12 at 06:18

aboutstudy

1,027

53

votes

7 answers

How can I filter https when monitoring traffic with Wireshark?

I want to observe the HTTPs protocol. How can I use a Wireshark filter to do that?

network-monitoring wireshark network-traffic

asked Apr 26 '11 at 14:43

Amirreza

734

31

votes

3 answers

ISP broadcasting all IP-packets, so I can see traffic of other clients from ISP

Recently I wondered why my router shows a constant downstream of 5 MBit/s, while I am downloading almost no data. I discovered the "packet logging" function of my router, with which I was able to log all the traffic in the wireshark format. And I…

wireshark isp traffic privacy

asked Mar 14 '14 at 11:27

user3297416

423

26

votes

6 answers

isolate application and check what packets it is sending over the internet

I am not sure that this sort of question is appropriate here, so forgive me if I'm wrong. Here is a problem: I want to see what a specific program is sending to the internet, but the thing is that on the computer there are lot's of applications and…

windows wireshark isolated-network

asked Oct 26 '12 at 14:08

Salvador Dali

965

25

votes

4 answers

Change protocol associated with port in wireshark

I'm trying to monitor some web traffic using wireshark. Our web proxy is on port 9191. How can I get the wireshark view to treat port 9191 just like port 80 - ie as HTTP. Just using Decode_As on the menu seems to allow half the conversation but only…

http port wireshark packet-analyzer

asked Jul 17 '09 at 15:18

Nick Fortescue

395

22

votes

1 answer

Wireshark Display Filter protocol==TLSV1? (and PacketLength)

What would the filter expression be to just select the protocols where the protocol = TLSV1? Something obvious like protocol == "TLSV1" or TCP.protocol == "TLSV1" is apparently not the right way. ip.proto == "TLSV1" says "ip.proto cannot accept…

wireshark filtering

asked Dec 28 '10 at 21:24

NealWalters

1,343

21

votes

2 answers

How can I search the info column in Wireshark?

Wireshark | Windows I want to search a packet capture of SMTP traffic for specific addresses/messages. Normally, I just sort the info column and browse but it would be nice if I could just run a search or filter for the specific string I'm looking…

tcp wireshark packet-analyzer packet-capture

asked Oct 19 '10 at 22:36

Mike B

12,304

20

votes

2 answers

What's the Wireshark packet receiving and processing procedure on a Windows machine?

I am about to use Wireshark for some traffic monitoring on my Windows computer. While working on it, I was wondering how Wireshark manages to catch low level network packets before Windows does. First of all, a network interface on my NIC receives…

networking ethernet wireshark

asked Jun 12 '16 at 17:13

Hansi

211

20

votes

5 answers

What causes duplicate ACK records?

We're reviewing Wireshark captures from a few client machines that are showing multiple duplicate ACK records which then triggers retransmit and out-of-sequence packets. These are shown in the following screen shot. .26 is client and .252 is…

windows-server-2003 windows-xp tcp wireshark

asked May 05 '11 at 20:27

Sam

740

19

votes

5 answers

Is there a way to get wireshark to capture packets sent from/to localhost on Windows?

Is there a way to get wireshark to capture packets sent from/to localhost? When I monitor traffic going from my computer to another, or from another computer to my computer, then it works. But from localhost to localhost does not register…

networking localhost network-monitoring wireshark

asked Jun 09 '09 at 22:44

Brian R. Bondy

763

17

votes

2 answers

How can I measure the cumulative network usage of a process, from execution beginning to end

I want to measure how much bandwidth git pull uses, preferably by prefixing git command with desired program, i.e. nettally git pull Alternatively, is there some sneaky way to accumulate nethogs / wireshark data and add up the figures after…

linux networking bash linux-networking wireshark

asked Oct 24 '13 at 13:05

caduceus

305

16

votes

3 answers

Stopping the WinPcap Packet capture service

I just installed WireShark, which also installed WinPcap. During the installation it said "do you want xxx to start automatically", which I answered yes. Now I would like to stop the service when I am not running wireshark, but cannot find a service…

windows-xp service wireshark winpcap

asked Oct 04 '11 at 13:42

Shiraz Bhaiji

2,279

16

votes

6 answers

How do I convert wireshark capture files to text files?

How can I convert wirshark captures (.cap) files to text files or some format from which I can read the file and parse its contents ?

command-line-interface wireshark

asked Jun 10 '10 at 16:43

Vidya

357

Questions tagged [wireshark]