Post Views: 146 This file contains the following synthetic Wireshark capture files: The lab procedure is in this post: https://www.cellstream.com/2026/04/23/net-neutrality-at-the-packet-level/
Net Neutrality Synthetic Lab Exercise Read More »
Post Views: 166 As discussed in my Net Neutrality post, I have created a Net Neutrality profile that helps with some display filter buttons and modification of columns. This is just a tool, and I strongly urge you to read and do the lab as described in the article.
Net Neutrality Wireshark Profile Read More »
Post Views: 279 LLDP (Link Layer Discovery Protocol) is a vendor-neutral Layer 2 protocol defined by the IEEE 802.1AB that allows network devices to advertise identity and capabilities to directly connected neighbors on the same Ethernet segment. Think of LLDP as a “hello, here’s who I am and what I can do” broadcast at Layer
A L2 LLDP Profile for Wireshark Read More »
Post Views: 333 CAN bus (Controller Area Network) is a robust, multi-master, message-based serial communication protocol used primarily in vehicles and industrial systems to allow Electronic Control Units (ECUs) to communicate over a shared two-wire differential bus without a central host. It was developed by Robert Bosch GmbH in the 1980s for automotive applications and
A CANBUS profile for Wireshark Read More »
Post Views: 5,344 Special thanks to Peter Gaudiomonte for sharing this profile to the repository. What is JA4+? JA4+ is an extension of the JA4 (Just Another 4-tuple) family of fingerprinting techniques. It’s used for network traffic fingerprinting—especially in encrypted traffic analysis—and can be useful for threat detection, TLS/QUIC fingerprinting, and application identification, even when
A JA4+ Profile for Wireshark Read More »
Post Views: 12,778 Now that we have the IETF QUIC and HTTP3 released and in play in the network, if you want to see this protocol, use this profile. Read more at my article here. This profile will help you work with IETF QUIC that has not been decrypted so you cannot see the HTTP3
IETF QUIC Protocol Profile – no decryption Read More »
Post Views: 1,470 This is a new version of our HTTP Profile for Wireshark. Wireshark defaults to this header reassembly process being ON. I have added a different version of this profile with this setting turned off – FYI. Header reassembly in HTTP troubleshooting can be confusing due to a combination of protocol layering, packet
A HTTP Profile with HDR Reassembly ON for Wireshark Read More »
Post Views: 1,614 This is a new version of our HTTP Profile for Wireshark. Wireshark defaults to a header reassembly process. I have added this version of the profile with this header reassembly setting turned off. Everything else is the same between the two profiles. Header reassembly in HTTP troubleshooting can be confusing due to
HTTP profile with Header Reassembly turned off for Wireshark Read More »
Post Views: 94,706 For those of you who love Wireshark and are supporting IPv6, we would like to offer an alternative to our default profile for IPv6. This one I call my IPv6 Super Profile. I created this based on modifying the Default IPv6 profile for a client that they called “super”. Think of it
IPv6 Super Profile (for Wireshark 3.4.0 and onwards) Read More »
Post Views: 6,068 Here is a UDP specific profile for Wireshark. Don’t be one of the people who overlook UDP in their troubleshooting! So many critical events in network operations actually use UDP! Especially today, with the rapid emergence of QUIC essentially replacing TCP. Enjoy. Many people overlook the UDP (User Datagram Protocol) in troubleshooting
Post Views: 58,886 Thanks for looking – this is our COMPREHENSIVE pcap file with hundreds of protocols – this is Version 12 Sure, there are others out there, but they all seem to be missing something, sometimes basic protocols like MPLS and many others. That said we asked for and received permission to build upon
Our Comprehensive Pcap File Read More »
Post Views: 113,314 TCP Delta Time refers to the time difference between consecutive Transmission Control Protocol (TCP) packets in a data transmission. It is an important metric when analyzing network performance for several reasons: 1. Network Latency and Performance High Delta Times: When the delta time between TCP packets is high, it may indicate network
TCP Delta Time Analysis Profile for Wireshark Read More »
Post Views: 91,998 TCP Sequence analysis is critical in network troubleshooting because it provides insights into the flow and order of data being transmitted over a network. Here’s why it plays such a crucial role in diagnosing network issues: 1. Ensuring Data Integrity and Order TCP Sequence Numbers: TCP assigns sequence numbers to each byte
TCP SEQ Analysis Profile for Wireshark Read More »
Post Views: 1,290 This LTE profile for Wireshark is contributed by Brent Crier | Network Engineer. Thanks Brent!
Post Views: 1,151 This is a Wireshark profile that helps analyze IEC 60870 packets. IEC 60870 part 5 is one of the IEC 60870 set of standards which define systems used for telecontrol (supervisory control and data acquisition) in electrical engineering and power system automation applications. Part 5 provides a communication profile for sending basic
IEC 60870-5 Profile Read More »
