Questions tagged [wireshark]
The network protocol analyzer developed and maintained by the Wireshark Foundation
889
questions
0
votes
2
answers
3k
views
How to run sniffing demonstration using virtualbox and wireshark
I am going to have a demonstration of packet sniffing using wireshark.
Therefore, I decided to create two virtual machines in virtualbox (with "host-only adapter" network config) and monitor the ...
0
votes
1
answer
7k
views
wireshark is not capturing http traffic
I have a lab server that I have a desktop that I would like to monitor with wireshark directly connected to and I am bridging the NICs to the internet connection between the server and the desktop. ...
0
votes
1
answer
6k
views
Unable to start npf driver
I need to start the npf driver for Wireshark but when I try to type "net start npf" in cmd prompt, I get the following error:
"System error 1058 has occurred.
The service cannot be started, either ...
0
votes
0
answers
27
views
Server sometimes not sending ACK in response to PSH, ACK
We've implemented a TCP server socket in C++ on a linux machine which is connected to another device, streaming data small packets at high rate (800 Hz). To do so without too much latency (which we ...
0
votes
1
answer
26
views
Detecting esp8266 traffic using Wireshark
I have programmed an esp8266 to make some http get requests to a remote webserver.
I would like to analyze these http requests somehow, with an external tool like Wireshark.
The purpose is to see how ...
1
vote
2
answers
5k
views
Search for a string in packet bytes of a pcap file using tshark
I am able to search for a string in the packet bytes of a pcap capture using Wireshark. Is there similar functionality available in tshark?
I already have the pcap files. But I need to go through ...
1
vote
1
answer
5k
views
Can't see interfaces in wireshark, Windows 10
I've been using Wireshark for weeks, but recently I installed Windows Subsystem for Linux (WSL2) with Kali Linux, planning to do some network analysis.
It took me quite a while to get it all running, ...
2
votes
2
answers
5k
views
How to extract mpeg-1 stream from pcap in wireshark
I have a pcap network dump that has an MPEG-1 stream inside and I would like to play the mpeg stream. So far I've tried playing through the RTP analyzer but that plays without any sound. I've also ...
1
vote
1
answer
4k
views
What are "Difference" and "Delta" in Wireshark RTP Analysis?
I tried to find this in the documentation, but had no luck. I would love to dig the sources to find out, but I honestly don't have the time. I tried to google this, but either people do not get any ...
0
votes
2
answers
3k
views
DNS and understanding root servers
Firstly, is this explanation on how DNS works right?
When we visit a site, say (www.example.com), we are doing a lookup to convert the domain name to an IP address. So, our computer first looks at ...
3
votes
1
answer
6k
views
SYN-ACK not received
On a standard TCP connection between server and client, I have this issue: the SYN-ACK is not received from the client, while it is sent from the server. I could see this on Wireshark from both server ...
0
votes
0
answers
74
views
ARP request is successful, but TCP SYN is not visible in output of Wireshark
I was redirected from Network Engineering, hopefully below is in scope of on-topics.
I have a TCP server, its properties are the following:
It runs within a virtual machine (VMware).
The host OS is ...
0
votes
2
answers
8k
views
Monitor Mode doesn't work in Kali 2.0
For the last year or so I have been using this exact setup with Kali 1.0. Everything worked fine with Wireshark. Now, when I am connected to a Wi-Fi access point my card REFUSES to stay in monitor ...
2
votes
1
answer
768
views
How to explain sequences of FIN,ACK instead of FIN - FIN,ACK?
Context: newly installed Debian 12, I get a bunch of strange logs related to ssh:
root@square:~# journalctl -u ssh -f
May 07 11:13:00 yop-square sshd[766]: error: kex_exchange_identification: ...
1
vote
0
answers
27
views
802.11 frames gets resent by my linux
My program is sending custom 802.11 frames for WPA handshake, like authentication, association or acknowledgement. Yet the operating resend the same packet with modifying its radiotapheader and ...