Wireshark Notes
segment - layer 4
packet - layer 3
frame - layer 2
TCP stream index: used to find a specific TCP stream.
A conversation filter can do the same.
Follow TCP stream
Statistics --> Conversations = summary of the capture file. Can be used to find top talkers, etc.
HTTP response times (request-response)
Should take a baseline of the network.
-----------------------
Regular expression
[xy] means either x or y; (?i) means the pattern that follows is case insensitive
"[aA][bB][cC]" or "(?i)abc" --> string abc, case insensitive
| means or
"(?i)(abc|xyz)" --> abc or xyz, case insensitive
. is a wildcard that means any single character
"(?i)(a.c|x..)" --> aSOMETHINGc or xSOMETHINGSOMETHING
{x,y} the character before the braces can be repeated x to y times
"(?i)(cbt.{5,7}s)" --> cbtnuggets
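Added example, not part of the original notes: the patterns above run through Python's re module, which accepts the same syntax for these constructs, with the case-insensitive flag written as (?i). The sample strings are constructed; the run shows that an unanchored search also hits substrings, where the {5,7} bounds cut off, and that a mistyped (?!) matches nothing.

```python
import re

# Patterns from the notes; (?i) is the inline case-insensitive flag.
PATTERNS = {
    "class":  r"[aA][bB][cC]",
    "flag":   r"(?i)abc",
    "either": r"(?i)(abc|xyz)",
    "dot":    r"(?i)(a.c|x..)",
    "repeat": r"(?i)(cbt.{5,7}s)",
}

# Constructed sample strings (stand-ins for a field such as a host name).
SAMPLES = [
    "www.CBTNuggets.com",  # cbt + 6 characters + s
    "cbt1234s",            # only 4 characters between cbt and s
    "cbt12345678s",        # 8 characters between cbt and s
    "FABCD.example",       # ABC embedded in a longer string
    "taxes.example",       # x followed by two more characters
    "XyZ-host",
]


def matching(name):
    """Return the samples in which the named pattern is found anywhere."""
    rx = re.compile(PATTERNS[name])
    return [s for s in SAMPLES if rx.search(s)]


def typo_matches():
    """(?!) is an empty negative lookahead, not a flag: it can never match."""
    return [s for s in SAMPLES + ["abc"] if re.search(r"(?!)abc", s)]


if __name__ == "__main__":
    for name in PATTERNS:
        print(f"{name:7} {PATTERNS[name]:20} -> {matching(name)}")
    print("typo    (?!)abc              ->", typo_matches())
```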
---------------------------
IO output to see the number of packets/throughput, using a display filter on the captured file
Expert info -
Extract HTTP images and FTP files from the trace.