wireshark Questions

2

We have a .Net 4.6.1 service that is using HttpWebRequest to send a HTTPS request to another web service. We're trying to capture the problem we're having with this request so we can send a data lo...
Nighthawk asked 17/5, 2017 at 21:4

2

Solved

I'm using the following code for capturing incoming and outgoing TCP packets by ports: tcpdump -i any -s 0 -vvv -A port 3727 or port 5016 or port 3724 -w /home/admin/dump1.cap But tcpdump captures o...
Eward asked 12/7, 2017 at 18:32

8

Solved

I just installed Wireshark, but when I click capture > interfaces, the dialog box appears, but it does not contain my network interface. When I click on capture > interfaces it appears as in t...
Cantor asked 24/11, 2011 at 10:35

5

Solved

When you write a dissector for Wireshark, how do you test it? Looking for the visual output in the UI is not sufficient for a non-trivial protocol. Is there a good way for unit testing of the dis...
Lemaster asked 13/12, 2010 at 18:48

3

There is a “Don't fragment” flag in the IP header. Could applications set this flag? When to set this flag and why?
Elishaelision asked 30/8, 2017 at 6:45

2

My goal is to have a plugin/dissector that can parse a protocol based on protobuf (UDP). I found on the web an Auto-generate Wireshark/Ethereal dissector plugins for Protocol Buffer messages: https...
Munos asked 22/2, 2017 at 14:55

2

Solved

I have been trying to capture WIFI packets with Linux and see the frequency/channel at which packet was captured. I tried Wireshark and there was no luck and no help. Though using a sample packets ...
Thekla asked 1/3, 2020 at 8:37

4

Context: I have a *.pcap file with many WLAN probe requests. My goal is to extract the WLAN management frame of each probe request as raw bytes (that is, no headers and no extra information - only...
Micky asked 19/12, 2016 at 20:35

0

I am capturing TCP packets using a Wireshark tool, TShark.exe. See below code example: cd 'c:\program files\WireShark\' .\tshark.exe -c 10 Capturing on 'Ethernet0' 1 0.000000 192.168.1.0 -> 192...
Chau asked 6/2, 2020 at 10:42

1

I am trying to get Wireshark USB captures working. Apparently the trick prior to Catalina was to just bring the interface up so that Wireshark could see it. https://forums.developer.apple.com/thre...
Flurried asked 23/10, 2019 at 13:2

5

Because we develop using a remote MySQL server, we cannot check the SQL queries easily; if you use a local server you can tail -f general_log_file to see which SQL statements are executed when calling some HTTP interface. S...
Benedicto asked 3/7, 2016 at 7:13

1

I'm trying to debug a web app using websockets to pass binary data. Chrome DevTools has this handy network tab that can display websocket frames... except for binary frames it just says Binary Fram...
Mongoloid asked 2/9, 2018 at 19:29

1

Solved

Recently I have problem with Open Graph checkers unable to detect Open Graph data?. It turns out that the bots from the checkers are unable to access data. However, since I have no root access to m...
Psycholinguistics asked 21/8, 2019 at 12:45

1

I'm trying to submit a multipart form through a C# and a VB.NET console application, but how do I see what it actually looks like? I've seen on some forums that you can see what it looks like throu...
Lindstrom asked 6/5, 2017 at 21:36

0

I'm using Wireshark 3.0.0 (Git) to sniff Mongo packets. I can see the packets in port 27017 but the protocol identifies them as TCP and not as Mongo. After checking protocol preferences, Mong...
Handiwork asked 4/4, 2019 at 21:31

4

We're seeing this pattern happen a lot between two RHEL 6 boxes that are transferring data via a TCP connection. The client issues a TCP Window Full, 0.2s later the client sends TCP Keep-Alives, to...
Ledoux asked 9/11, 2015 at 22:31

11

Solved

I would like to monitor network traffic of my Android Phone. I was thinking using tcpdump for Android, but I'm not sure if I have to cross-compile for the phone. Another question is the following,...
Jock asked 25/2, 2011 at 19:28

5

Solved

I have two parts, a client and a server. And I try to send data (size > 5840 Bytes) from the client to the server and then the server sends the data back. I loop this a number of times waiting a...
Theoretician asked 10/9, 2015 at 12:41

3

Solved

I have been looking at DNS response packets in Wireshark, and am not able to understand hex coding for the answer and authoritative sections. Considering DNS query for: mail.abcd.com The answer ...
Haemophilia asked 25/3, 2012 at 23:46

1

Burp Suite and Wireshark are said to be the best tools for penetration testing. I'm curious what the difference is between them, and the pros and cons of each.
Bissell asked 20/12, 2018 at 14:40

9

Solved

I wrote a simple server app in C which runs on localhost. How to capture localhost traffic using Wireshark?

1

Solved

Can anyone guide me on the following? I'm trying to figure out the answer as seen in the first question inside the blog malwarejake[.]blogspot.com/2015/05/packet-analysis-practice-part-3.html . ...
Vaccaro asked 27/11, 2018 at 14:33

1

Solved

Is my observation correct that RTP/RTCP packets from a WebRTC stream cannot be analyzed in Wireshark running on the same desktop to analyze RTP packets because the browser would have encrypted them...
Guthrie asked 14/11, 2018 at 3:50

5

I'm trying to test an application that uses a database connection. What I would like to do is throttle the bandwidth to, say, 1 MBit or such to get a better feeling for the application under reali...
Libelee asked 16/2, 2010 at 15:13

2

Solved

I have a pcap file which contains many DNS requests and responses and I want to find the max value of the ttl field from all of these packets, for example: If my pcap packets are the following: DNS resp...
Lindly asked 14/6, 2018 at 12:56
