
Two simple filters for wireshark to analyze TCP and UDP traffic

Scott Reeves shares the wireshark filters that help you isolate TCP and UDP traffic.

Wireshark is a protocol analyser available for download. This week's post provides a brief introduction to wireshark and shows two basic filters that can be used to extract two different classes of traffic.

Wireshark can be started from the command line, but it usually needs to be run as root or via sudo. Starting a capture is simply a matter of clicking on the icon shown circled in green in Figure A. Clicking on the icon next to it (circled in red) stops the capture. As Figure A shows, wireshark output consists of two panes: the top pane shows the packets, while the bottom pane shows details of the packet highlighted in the top pane. When you stop a wireshark session you can save the output to a file.
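The two classes of traffic the post refers to are separated in Wireshark by the display filters `tcp` and `udp`, which match on the protocol field of the IPv4 header (6 for TCP, 17 for UDP). The following is an added example, not code from the original post: it builds a small constructed pcap file in memory (one TCP SYN, one UDP datagram, one ICMP echo request, a second TCP SYN), parses it the way Wireshark's packet list does, and applies the equivalent of those two display filters. All addresses, ports and the `build_pcap`/`parse_pcap`/`display_filter` names are assumptions made for this example.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4          # classic little-endian libpcap magic
PROTO_TCP, PROTO_UDP = 6, 17     # IPv4 protocol numbers matched by 'tcp' / 'udp'
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}


def _ipv4_frame(proto, payload, src="10.0.0.1", dst="10.0.0.2"):
    """Build a constructed Ethernet II + IPv4 frame (checksums left at 0)."""
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return eth + ip + payload


def tcp_segment(sport, dport):
    # 20-byte TCP header: SYN flag set, no options, no payload
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)


def udp_datagram(sport, dport, data=b"hello"):
    # 8-byte UDP header followed by the payload
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data


def build_pcap(frames):
    """Wrap frames in a libpcap file (link type 1 = Ethernet), like a saved Wireshark session."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out


def parse_pcap(data):
    """Yield one summary dict per frame, roughly what Wireshark's top pane shows."""
    magic, = struct.unpack("<I", data[:4])
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap file")
    link_type, = struct.unpack("<I", data[20:24])
    if link_type != 1:
        raise ValueError("only Ethernet link type supported")
    off, number = 24, 1
    while off + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack("<IIII", data[off:off + 16])
        frame = data[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        pkt = {"no": number, "proto": "other"}
        number += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4
            yield pkt
            continue
        ihl = (frame[14] & 0x0F) * 4            # IPv4 header length in bytes
        proto = frame[23]                       # IPv4 protocol field
        pkt["src"] = ".".join(map(str, frame[26:30]))
        pkt["dst"] = ".".join(map(str, frame[30:34]))
        pkt["proto"] = PROTO_NAMES.get(proto, str(proto))
        l4 = frame[14 + ihl:]
        if proto in (PROTO_TCP, PROTO_UDP) and len(l4) >= 4:
            pkt["sport"], pkt["dport"] = struct.unpack("!HH", l4[:4])
        yield pkt


def display_filter(packets, name):
    """Equivalent of typing 'tcp' or 'udp' in the display filter bar."""
    return [p for p in packets if p["proto"] == name]


# Constructed sample capture used throughout this example.
SAMPLE_PCAP = build_pcap([
    _ipv4_frame(PROTO_TCP, tcp_segment(51515, 443)),
    _ipv4_frame(PROTO_UDP, udp_datagram(51516, 53)),
    _ipv4_frame(1, b"\x08\x00\x00\x00\x00\x01\x00\x01"),   # ICMP echo request
    _ipv4_frame(PROTO_TCP, tcp_segment(51517, 80)),
])

if __name__ == "__main__":
    pkts = list(parse_pcap(SAMPLE_PCAP))
    for flt in ("tcp", "udp"):
        print(f"display filter '{flt}':")
        for p in display_filter(pkts, flt):
            print(f"  {p['no']:>3} {p['src']} -> {p['dst']}  {p['sport']} -> {p['dport']}")
```

Running the block lists packets 1 and 4 under `tcp` and packet 2 under `udp`; the ICMP frame matches neither, which is exactly the separation the two Wireshark filters give on a real capture file saved from the GUI.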
