Questions tagged [wireshark]
The network protocol analyzer developed and maintained by the Wireshark Foundation
889 questions
1 vote, 0 answers, 123 views
Why is TCP connection on Windows machines, retransmitting after receiving a correct ACK from HTTP server
Using two different Windows laptops, one with Win 7 and the other Win 11, I'm trying to connect to the HTTP GUI of a device (cell phone booster) that's connected directly to my laptop through an ...
4 votes, 3 answers, 2k views
Does DNS-over-HTTPS hide domain name of websites from packet analyzers?
A person on my same Wifi network is tracking the names of the websites that I visit using tools like Wireshark. Does DNS over HTTPS hide the names of the sites that I visit?
My DNS settings are -
DNS ...
1 vote, 1 answer, 587 views
Retransmission of TCP packets
I have device A (10.10.25.1), which is connected to device B (10.10.25.52) via an unmanaged switch. Device A is a computer. Device B is a measurement instrument. Device A is continuously (every 1sec) sending ...
0 votes, 1 answer, 194 views
Reassemble Wireshark WiFi captured LLC packets into original message
I have the following setup within my own WiFi network: one machine (A) connected to my WiFi (which connects to the internet), and one machine (B) running Wireshark, with a WiFi adapter in monitoring ...
0 votes, 1 answer, 662 views
How to disable TCP SACK in Windows XP?
Device 1 Windows XP. 192.168.101.173, I have access to the application code, but it is massive.
Device 2 Embedded device. 192.168.101.205. I don’t have access to the code or even to logs from this ...
1 vote, 1 answer, 233 views
TLS certificate validation depth
Background: I'm using the curl library to upload files via TLS to a server with a DigiCert certificate.
Phenomenon: During the handshake phase, the server sends a Hello message and returns the ...
0 votes, 0 answers, 51 views
Can't see my update location request but kc has changed, general information about GSM
I need to ask for your help because I feel I miss something in my train of thoughts.
So, I've installed gr-gsm with all the dependencies from a fresh docker
https://github.com/uetacog/grgsm_docker
...
0 votes, 0 answers, 50 views
Losing UDP messages during routing?
I am trying to test software that I’ve written to send UDP messages. This software works if I don’t bind the socket to a port (i.e. it defaults to NIC 1). I can see the messages with Wireshark running ...
0 votes, 1 answer, 1k views
Wireshark: how to show UDP payload as text?
I have a device that broadcasts strings for debugging purposes, and I need to capture these UDP messages and read the string.
As you can see, I cannot read anything in the data.text column, while the ...
0 votes, 0 answers, 73 views
TCP Receiver's Window stop increasing
I'm debugging a high-bandwidth TCP connection whose throughput is significantly lower than the capability of the device and the network. The network between these 2 hosts is expected to be high ...
0 votes, 1 answer, 812 views
Troubleshooting SMB connection to file share
I have a bunch of servers and a file share set up on a remote HNAS. The file share is set up to use SMB 3.1.1 and the servers are all Windows Server 2019. 5 out of 6 servers connect just fine to ...
0 votes, 1 answer, 164 views
Wireshark hex escapes not working while matching payload
In Wireshark I was trying to match packets whose payloads do not begin with 00 24. But for some reason, this filter is failing:
not(udp.payload ~ "^\x00\x24")
But surprisingly this works:
...
0 votes, 1 answer, 918 views
How to decode DCE RPC stub data in Wireshark
I need to compare connection session of 2 OPC DA clients connecting to a remote server. Under the hood they use DCOM and DCE RPC. Fortunately, Wireshark provides dcerpc dissector, but it doesn't ...
2 votes, 2 answers, 317 views
extract the top 5 TCP or UDP flows from tshark sorted in descending by Total bytes
As the question heading states, given a packet capture I want to extract the top 5 flows for TCP (or UDP) sorted based on total bytes in the descending order.
I have come up with this so far
tshark -r ...
0 votes, 0 answers, 160 views
In a GPON network, running Wireshark captures SIP phone calls from other users
I plugged my laptop into my ONT and fired up Wireshark.
To my surprise a lot of SIP packets were present, and I could see phone numbers of other customers, and the people they called. I didn't ...