Embedded Files
- Who is Gerald Combs?
- Lead developer and Wireshark director at CACE Technologies
- What does a protocol analyzer like Wireshark do?
- It captures network traffic that travels across the network adaptor on the computer running the software and turns the traffic into information that a human can read by categorizing, sorting, filtering, and organizing all of the data into an understandable and easy to use format.
- In the Wireshark Interface, what is the Packet List?
- The list of packets that have been captured by the software from the time it was told to capture until the time it was instructed to stop.
- In the Wireshark Interface, what is the Packet Detail?
- Packet detail shows the contents of the packet, the protocols that were controlling the packet, and other information related to that specific packet like addresses, and configuration data.
- What privileges do you need to run Wireshark? Why?
- Administrator or root; Wireshark accesses the network adaptor directly and essentially creates a copy of every single packet that touches the network adaptor.
- What is a Wireshark display filter?
- A handy tool that filters out specific types of packets, or only displays certain types of packets for the user.
- If you right click on a packet, what are you presented with?
- A menu to perform more tasks or set options with that packet
- Describe the display filter employed when you right click and select "Follow TCP Stream?"
- A window showing the conversation between the web browser used when the capture was running and the server the web browser was talking to.
- Where can you go to find more information about packet capture with Wireshark? Wireshark users guide and the Wireshark Wiki.
- http://www.wireshark.org/docs
- http://Wiki.wireshark.org/CaptureSetup
Page updated
Google Sites
Report abuse