This section contains general information, tips and tricks, light reading, entertainment and other general fodder. Enjoy!
Just a quick tip on how to add packet comments to your packet captures. The use cases are fairly straight forward: perhaps you want to add comments as you troubleshoot a packet capture, or perhaps you want to record what you found for later demonstration, or perhaps you just want to remember two years later […]
Adding Packet Comments in Wireshark Read More »
In Wireshark 3.3.0 development release, and 3.4.0 stable release and later, you are going to find a hidden gem. Wireshark call this the Packet Diagram, and I absolutely love it. Let’s say you are a pen-tester or a test engineer who is looking at a packet capture and you want to document what is happening
Packet Diagram feature in Wireshark Read More »
In Wireshark 3.4.0 stable release and later, you are going to find a display button feature that we have already leveraged to change all our profiles. We now have the ability to nest display filter buttons, and I absolutely love this feature. One of the cool things about being able to customize Wireshark is to
Nested Display Filter Buttons feature in Wireshark Read More »
In this article we will get you started with the iPerf tool. We will be using it in a Linux environment, but know that it is available for all systems at http://iperf.fr. iPerf is used to test performance, throughput, packet loss, and jitter on TCP/IP networks. iPerf defaults to testing TCP – port number 5002. iPerf
Getting started with iPerf – an illustrated step by step procedure Read More »
Just like out article on Network Management Tools (you can read/view that list here), I wanted to compile a list of Networking Utilities and Tools in this article. These are software programs. All these tools can be essential to troubleshooting network issues, as well as learning how the network works. If you are looking for
Networking Utilities and Tools Read More »
Check out these great references as well: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture Whenever your web browser connects to a web server using HTTPS, a secure connection is established, keys are exchanged, and the traffic is encrypted. We won’t spend any time in
How to Decrypt HTTPS on Windows in Wireshark Read More »
One of the things that we have to do when capturing packets is save the packet captures to a file, so we can study them, or even send them to someone else who can help us to understand what is happening, or to send them the manufacturers as evidence of what went wrong with an
Anonymizing Capture Files and More with Tracewrangler Read More »
Microsoft has added a packet sniffing/packet capture tool in the latest Windows 10 update. We have previously discussed using the ‘netsh’ command to do packet capture in Windows (see my article here). The pktmon tool is new. What does this mean? Is it better than netsh? Does it integrate with Wireshark? Well, it means you
Packet Capture in Windows using pktmon.exe Read More »
Check out these great references as well: Our Wireless custom profile for Wireshark Our Udemy course on Wireless Packet capture Our other Wi-Fi related articles Ok all you MAC users, here is the way you capture Wi-Fi/WLAN frames using your MAC and Wireshark. First, MAC users get a really easy time of putting their interface
Capturing Wi-Fi WLAN Packets in Wireshark on MAC OSx Read More »
Check out these great references as well: Our Wireless custom profile for Wireshark Our Udemy course on Wireless Packet capture Our other Wi-Fi related articles There are several other articles that we have written on various Windows 10 WLAN/Wi-Fi commands that you can execute to perform various important wireless information gathering and management. We will
Windows WLAN/Wi-Fi Commands of Interest Read More »
WIndows 10 has several interesting WLAN/Wi-Fi commands you can run from the Windows 10 command or Powershell. One of them is the WLAN Report. It takes two steps to view this information. Step 1. Run Windows CMD as Administrator. Then enter the command: netsh wlan show wlanreport Here is an example output: Note that the
Viewing the WLAN/Wi-Fi details via the WLAN Report in Windows 10 Read More »
I saw an interesting question recently that I thought I would offer up an answer to: In Windows ‘netsh wlan show interfaces’, what does the signal % mean? Here is an example (I have two wireless interfaces on my system – Wi-Fi is the built in wireless adapter, and Wi-Fi4 is an external adapter –
What is the % signal in Windows Wireless? Read More »
Using Wireshark in Microsoft Windows reveals some quirks that naturally leave you scratching your head as to what is going on. For example, when I launch Wireshark on my Windows 10 system I see a bunch of different interfaces. Some make sense (Wi-Fi, Ethernet 2) but others….: What are all the Local Area Connections? What
What are all the Microsoft local area connections? Read More »
A common question regarding Wireshark packet analysis is “Can I find a text string in a packet capture?” Check out these great references as well: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture The answer is that it depends on where the text string is
Finding Text Strings in Wireshark Captures Read More »
Example IPv6 Fragmentation Attack
Example IPv6 Fragmentation Attack Read More »
