Skip to main content
Unix & Linux

Questions tagged [wireshark]

Ask Question

The tag has no summary.

127 questions
Newest Active Bountied Unanswered
0 votes
0 answers
47 views

Edit: 05/24, I'm able to capture wirshark logs in my WSL Ubuntu distro , But still when wireshark logs are captured through windows hyper-v interface from windows it does not capture all the packets ...
Anton's user avatar
  • 1
1 vote
1 answer
98 views

I'm trying to build an nftables rule which can throttle SCTP traffic which contains DIAMETER. I would further like to only drop Authentication Information Requests (AIR). So in general everything ...
Henrik's user avatar
  • 11
1 vote
1 answer
207 views

I'm writing a Wireshark dissector for our CAN bus protocol and I've noticed that tcpdump captures CAN frames twice and its output differs from candump program. For example, when I execute following ...
Radovan Beler 's user avatar
  • 13
0 votes
1 answer
117 views

I want to achieve this: I have a Linux guest VM using QEMU, using directly a USB Wi-Fi stick via USB passthrough. In the meantime, using wireshark, I want to sniff the network data from it. In my ...
Dimitrios Desyllas's user avatar
  • 1,321
0 votes
1 answer
293 views

On my Linux iMac I have flashed 2 x CC2531 Zigbee dongles successfully (I believe), following this manual: https://www.zigbee2mqtt.io/advanced/zigbee/04_sniff_zigbee_traffic.html I needed to install ...
TheGlasses's user avatar
  • 59
0 votes
0 answers
195 views

I have some PCAP files from which I'm trying to extract metadata. I am doing this using tshark, opening the file, extracting a couple dozen fields, then writing the table to disk. I've noticed that ...
CopyOfA's user avatar
  • 123
0 votes
1 answer
1k views

I have a websocket connection to wss://ws.example.com, is it possible to capture the websocket traffic using wireshark? I have already tried to using websocket filter in wireshark Version 4.2.0 (v4.2....
Dolphin's user avatar
  • 791
0 votes
2 answers
72 views

I have a setup of three computers that are all on the same subnet and connected to a switch. All services are reachable. I'm pinging from PC(1) to PC(2). Opening tshark with PC(3) but cannot see ...
ptiza_v_nebe's user avatar
  • 83
1 vote
0 answers
79 views

I am running two TCPDUMP Commands back to back. Here is the sequence Run the below command root@open5Gs:/home/test# tcpdump -l -vvv -s0 -i any -B 4096 -nn -w /home/test/tc060.pcap -c 1500 Execute ...
Sayantan_Dell's user avatar
  • 11
1 vote
1 answer
871 views

I'm trying to filter traffic by src ether host to see all devices with a specific MAC prefix. If this were like IP, it might filter with src ether host aa:bb:cc:00:00:00/24 to see OUI's matching aa:...
KJ7LNW's user avatar
  • 535
1 vote
0 answers
213 views

Using usbmon it's possible to capture USB traffic in Wireshark. I want to do the same for SATA. Is it possible? If it is not possible in Wireshark directly it would be nice to later open the capture ...
zomega's user avatar
  • 1,022
1 vote
1 answer
188 views

I am working with lots of PCAP files and trying to convert them into .tsv files for tabular analysis. So I'm using tshark in a Ubuntu 22 VirtualBox machine to dissect each packet. I have a bash ...
CopyOfA's user avatar
  • 123
1 vote
1 answer
1k views

I am new to using snort and still learning in university. I am wondering after I find an intrusion how can I log it and save it as a pcap file? What would the syntax look like to do this? So I can ...
Albion69's user avatar
  • 21
0 votes
0 answers
199 views

When I created a Windows 10 vm inside of a Windows 10 host, a device was automatically created for it that I could monitor with Wireshark and see only the traffic going in and out of that VM. I ...
Ego's user avatar
  • 3
1 vote
1 answer
228 views

Every then and now, my android cell phone cannot connect to my Wi-Fi and says: unable to obtain IP address. After some time (sometimes minutes, sometimes hours) connection is back to normal. This is ...
Reinhard Mayr's user avatar
  • 11

15 30 50 per page
1
2 3 4 5
9