Questions tagged [wireshark]

Wireshark is an open source Network Protocol Analyzer under GNU License.

507 questions
4 votes, 3 answers

determining what ports a program uses

I'm trying to use Wireshark to determine what ports a certain program uses. The program connects to the server fine if we are on the same network, but I obviously need to forward the ports on the firewall to use it outside of the office. I turn on…
RodH257
4 votes, 2 answers

What program sent which packet to the network

I would like to have a tcpdump-like program that shows which program sent a specific packet, instead of just getting the port number. This is a generic problem I've had on and off. Sometimes when you have an old tcpdump file lying around you have no…
Erik Johansson
4 votes, 4 answers

How to use sniffer to troubleshoot SMTP traffic?

We're having an issue where we are no longer receiving external emails. (We have an Exchange mail system, with a Barracuda spam filter and Watchguard hardware firewall.) The problem is that mail appears to be getting through the Watchguard box, but…
johnnyb10
4 votes, 2 answers

Saving Wireshark capture settings for future use

Is there any way to save Wireshark capture options, so they can be reused after restarting Wireshark? Also, if the saved file is in plain text, it's possible to use scripts generating a bunch of capture settings, such as with different filter settings. Does…
Stan
3 votes, 1 answer

Where in the Windows networking stack do WinPcap/Npcap hook/filter to "listen" for packets?

I'm investigating an issue with a process that performs IPC via a socket. The socket is served on the local machine's NIC's IP, and the connection is made to the local machine's NIC's IP from another process on the local machine. I expected that…
brandeded
3 votes, 1 answer

Wireshark trace file RST after FIN packet

I have a client and an application server that exchange certificates with each other and establish a secure TLS connection. At the end of such a connection, after application data is transferred, the client sends a FIN packet to the server, in return…
Teja
3 votes, 1 answer

How do I capture all packets on local wifi network using Wireshark settings -

I'm attempting to replicate a 'wifi cafe' setup in a home lab environment. I'd like to demonstrate that unencrypted (non-HTTPS) network traffic on a wifi network can be viewed by other wireless devices. I've seen this in action (à la Firesheep) on a…
user3.1415927
3 votes, 2 answers

TLS 1.3 Client-/Server-Hello Version 1.2

I started a TLS1.3-server via OpenSSL (version 1.1.1-pre4 (beta) 3 Apr 2018) $ openssl s_server -key key.pem -cert cert.pem -accept 44330 -www -tls1_3 and a TLS1.3 client $ openssl s_client -connect 127.0.0.1:44330 -tls1_3 I captured the traffic…
user1511417
3 votes, 1 answer

RST ACK after SYN and Retransmission

I'm very new to networking, so forgive me if I ask dumb questions or if my vocabulary is bad. I'm trying to access a URL from a partner on a specific port. The server has a firewall which only accepts allowed IP addresses. The problem is that sometimes…
Nevi
3 votes, 3 answers

Determine What Process is Generating Network Traffic (Windows Server 2003)

I've got a print server in our Windows 2003 domain with a lot of print queues on it. We are seeing a significant amount of SNMP scans coming from this server which we think are unnecessary. Everything related to the print server itself is…
J.Zimmerman
3 votes, 2 answers

Heavy TCP traffic on loopback

While trying to generate some test traffic on my loopback interface, I noticed there was so much noise there that the output from Wireshark was essentially useless, with tons of SYN/RST, ACK packets on port 4101 (which some Googling suggests has to…
Guilherme
3 votes, 0 answers

FileZilla FTP Error - 426 Connection Closed; aborted transfer of "filename"

I'm trying to transfer a file to an FTP server but I get the error in the title: "426 Connection Closed; aborted transfer of "XYZ"". Here is some info: I can establish the connection, change directory, transfer a file from FTP server to the client.…
user2629636
3 votes, 2 answers

How do I see absolute time stamps in Wireshark?

There is an example of a pcap file opened in Wireshark. The second column is time. Is it possible to see absolute timestamps here instead of relative?
user1700494
3 votes, 3 answers

How can I configure Wireshark to list my dial up connection as a possible capture interface?

I am trying to monitor traffic coming in to my machine via an incoming dialup connection. I am using Wireshark with WinPCap 3.1 (I rolled back to 3.1 from 4.0 because I read that this was the reason that my dialup connection wasn't listed in the…
BeeBand
3 votes, 3 answers

Sniff packets which have source address other than my machine

I tried sniffing network traffic between 2 IP addresses. One is an HTTP server and the other is the client accessing that site. My aim is to sniff POST method form data. How do I do that? When I tried sniffing, only the packets which had source address…
Abhijeet Rastogi