Skip to main content
Super User

Questions tagged [wireshark]

Ask Question

The network protocol analyzer developed and maintained by the Wireshark Foundation

889 questions
Newest Active Bountied Unanswered
1 vote
0 answers
123 views

Why is TCP connection on Windows machines, retransmitting after receiving a correct ACK from HTTP server

Using two different Windows laptops, one with Win 7 and the other Win 11, I'm trying to connect to the HTTP GUI of a device (cell phone booster) that's connected directly to my laptop through an ...
Frank's user avatar
Frank
  • 139
4 votes
3 answers
2k views

Does DNS-over-HTTPS hide domain name of websites from packet analyzers?

A person on my same Wifi network is tracking name of the websites that I visit using tools like Wireshark. Does DNS over HTTPS hide the name of the sites that I visit? My DNS settings are - DNS ...
Gopal S's user avatar
Gopal S
  • 45
1 vote
1 answer
587 views

Retransmission of TCP packets

I have device A (10.10.25.1), which is connected to device B(10.10.25.52) via unmanaged switch. Device A is a computer. Device B is measurement instrument. Device A is continuously(every 1sec) sending ...
Pablo's user avatar
Pablo
  • 4,683
0 votes
1 answer
194 views

Reassemble Wireshark WiFi captured LLC packets into original message

I have the following setup within my own WiFi network: one machine (A) connected to my WiFi (which connects to the internet), and one machine (B) running Wireshark, with a WiFi adapter in monitoring ...
Tristan Tran's user avatar
Tristan Tran
  • 133
0 votes
1 answer
662 views

How to disable TCP SACK in Windows XP?

Device 1 Windows XP. 192.168.101.173, I have access to the application code, but it is massive. Device 2 Embedded device. 192.168.101.205. I don’t have access to the code or even to logs from this ...
Beto's user avatar
Beto
  • 3
1 vote
1 answer
233 views

TLS certificate validation depth

Background: I'm using the curl library to upload files via TLS to a server with a DigiCert certificate. Phenomenon: During the handshake phase, the server sends a Hello message and returns the ...
Abner Sun's user avatar
Abner Sun
  • 11
0 votes
0 answers
51 views

Can't see my update location request but kc has changed, general information about GSM

I need to ask for your help because I feel I miss something in my train of thoughts. So, I've installed gr-gsm with all the dependencies from a fresh docker https://github.com/uetacog/grgsm_docker ...
mattia's user avatar
mattia
  • 1
0 votes
0 answers
50 views

Loosing UDP messages during routing?

I am trying to test software that I’ve written to send UDP messages. This software works if I don’t bind the socket to a port (i.e. it defaults to NIC 1). I can see the messages with Wireshark running ...
user1585453's user avatar
user1585453
  • 1
0 votes
1 answer
1k views

Wireshark: how to show UDP payload as text?

I have a device that broadcasts strings for debugging purposes, and i need to capture these UDP message and read the string. As you can see, i cannot read anything in the data.text column, while the ...
Parduz's user avatar
Parduz
  • 113
0 votes
0 answers
73 views

TCP Receiver's Window stop increasing

I'm debugging a high-bandwidth TCP connection whose throughput is significantly lower than the capability of the device and the network. The network between these 2 hosts is expected to be high ...
Alex's user avatar
Alex
  • 101
0 votes
1 answer
812 views

Troubleshooting SMB connection to file share

I have a bunch of servers and a file share set up on a remote HNAS. The file share is set up to use SMB 3.1.1 and the servers are all Windows Server 2019. 5 out of 6 servers connects just fine to ...
JaggenSWE's user avatar
JaggenSWE
  • 273
0 votes
1 answer
164 views

Wireshark hex escapes not woking while matching payload

In wireshark I was trying to match packets whose payloads does not begin with 00 24. But for some reason, this filter is failing: not(udp.payload ~ "^\x00\x24") But surprisingly this works: ...
Sourav Kannantha B's user avatar
Sourav Kannantha B
  • 161
0 votes
1 answer
918 views

How to decode DCE RPC stub data in WireShark

I need to compare connection session of 2 OPC DA clients connecting to a remote server. Under the hood they uses DCOM and DCE RPC. Fortunately, WireShark provides dcerpc dissector, but it doesn't ...
devaskim's user avatar
devaskim
  • 111
2 votes
2 answers
317 views

extract the top 5 TCP or UDP flows from tshark sorted in descending by Total bytes

As the question heading states, given a packet capture I want to extract the top 5 flows for TCP (or UDP) sorted based on total bytes in the descending order. I have come up with this so far tshark -r ...
Trevor Philip's user avatar
Trevor Philip
  • 23
0 votes
0 answers
160 views

In a GPON network, running wireshark captures SIP phone calls from other users

I plugged my laptop into my ONT and fired up Wireshark. To my surprise a lot of SIP packects were present, and I could see phone numbers of other costumers, and the people they called. I didn't ...
flyrelay's user avatar
flyrelay
  • 1

15 30 50 per page
1 2
3
4 5
60