Wireshark is an open-source network protocol analyzer distributed under a GNU license.
Questions tagged [wireshark]
507 questions
14 votes, 6 answers
How do I convert wireshark capture files to text files?
How can I convert Wireshark capture (.cap) files to text files or some format from which I can read the file and parse its contents?

Vidya
12 votes, 1 answer
Disable TLS 1.2 stops RST packets
Environment,
Web server - Server 2012 R2, IIS 8, ASP.NET application
Firewall Cisco 5515
Un-Managed HP switches, No vlaning
Client has been using Curl from the outside to hit our application.
No one else should be using the server.
Using wireshark i…

Anthony Fornito
12 votes, 2 answers
How to send captured packets to a different destination?
I have some data packets captured using tcpdump in a pcap file. Now I want to send those packets to another destination. How can I achieve this?

Lakal Malimage
12 votes, 2 answers
Filter tcpdump file AFTER capturing
I captured a really big tcpdump file which now always crashes my wireshark. It was captured with no filters and I need to apply some afterwards to make the file smaller.
Is this somehow possible?

Zulakis
12 votes, 2 answers
How to filter on the contents of a packet in Wireshark?
I've got an application that is communicating with an Oracle database, its logging is pretty crappy so the only way I can work out what SQL it is sending to our database is by packet sniffing for TNS.requests; I want to filter these packets by those…
user62006
11 votes, 2 answers
Why send authoritative nameserver in DNS?
Out of curiosity, I'm checking the Wireshark DNS packets. I can see that there's a DNS query from the host, and then DNS response from the DNS server. Everything is just as expected.
However, if you further check in the query, you can see that the…

AhmedWas
11 votes, 3 answers
Wireshark running on a server seeing lots of `ARP who has` with different tells
We're seeing some suspicious network activity, and when I was trying to see if it was one particular server of ours I ran a Wireshark trace. I noted a lot of ARP packets asking who has x.x.x.x, but all being told to tell different addresses. In the…

Cylindric
10 votes, 1 answer
Unable to open WireShark in CentOS 6.5
I have installed WireShark in CentOS 6.5 with the following packages using Yum.
Dependencies Resolved
================================================================================
Package Arch Version …

Sathish
10 votes, 3 answers
How do I install Wireshark in Red Hat Linux?
How do I install Wireshark in Red Hat Linux?
At the Wireshark download page, am I supposed to download "Standard package" for Red Hat under "Third-Party Package"? Does the Red Hat version have a GUI?

kumar
9 votes, 1 answer
Why does WireShark think this frame is a TCP segment of a reassembled PDU
Please find a small pcap file here illustrating my problem.
I have a three-way TCP handshake, followed by two FIX logons. (FIX is a protocol used in trading.) The first FIX logon (frame 4) is interpreted and parsed just fine by WireShark, but the…

Randomblue
9 votes, 3 answers
How to monitor VPN traffic with Wireshark on Windows 7?
I'm running Wireshark 1.6.7 (latest available release) x64 on Windows 7 x64.
I only have a single network card on this computer, and Wireshark shows only it as an available adapter to capture packets on.
If I establish a VPN connection (using…

Massimo
9 votes, 4 answers
How to debug "HTTP request sent, awaiting response"?
I have a Linux server on an ADSL connection, and I just noticed that sometimes I get
Connecting to example.com|xxx.xxx.xxx.122|:80... connected.
HTTP request sent, awaiting response...
when I use wget or e.g. a browser like firefox.
In the case of…

Sandra
9 votes, 2 answers
Why does my laptop send an ARP request to itself?
I have just started to learn about protocols. While studying the packets in Wireshark, I came across an ARP request sent by my machine to my own IP. Here are the details of the packet:
No. Time Source Destination …

user58859
9 votes, 4 answers
Can Wireshark read data being sent to/from other computers?
Let's say WireShark is installed on computer A. And let's say I am looking at a Youtube video on the computer B.
Can WireShark see what computer B is doing?

AngryHacker
8 votes, 3 answers
Wireshark filtering-trying to filter out my own local ip
I'm trying to filter out my local machine's IP address 192.168.5.22.
I used ip.src != 192.168.5.22|| ip.dst !=192.168.5.22 and I keep seeing my address pop up.

chris