Wireshark Archives - Page 3 of 6

TFTP Protocol Profile with Packet Diagram (Wireshark v3.3.0 and later)

TFTP is designed to be a stripped-down file transfer protocol without authentication or many of the features that FTP and other protocols offer. Instead, it has two main options: file read requests and file write requests. TFTP is an insecure file transfer protocol with many more secure alternatives. If TFTP traffic exists in a network traffic […]

TFTP Protocol Profile with Packet Diagram (Wireshark v3.3.0 and later) Read More »

A Better Default profile with Redaction (for v3.4.0 and later)

Leave a Comment / By Andrew Walding

This is a clever little customization of our Better Default Profile (details here) that you can use to redact packets! To learn more about this technique, watch our short Youtube video: Start using this Better Default profile with Packet Redaction right away and you will see, it is like the springboard for your troubleshooting

A Better Default profile with Redaction (for v3.4.0 and later) Read More »

A Better Default profile with Packet Diagram (for v3.4.0 and later)

Leave a Comment / By Andrew Walding

Most Wireshark users agree that the default profile is simply not good enough. The default should be a profile that you can start troubleshooting from. It should be a place where you can check off some important basics as you begin your evidence gathering. My “better default” with Packet Diagram profile is just that. This

A Better Default profile with Packet Diagram (for v3.4.0 and later) Read More »

USB Capture Profile

Leave a Comment / By Andrew Walding

If you capture on a USB port, this USB profile will help you to focus on the USB packets. Filter Buttons to find Devices, and Configurations. Note: This is a beginning, and if you want to add features please let me know.

USB Capture Profile Read More »

WLAN Wi-Fi Security Profile

Leave a Comment / By Andrew Walding

For those of you who love Wireshark and are supporting WLAN Wi-Fi Wireless networks, we would like to offer a great profile for WLAN/Wi-Fi that focuses on the security issues of Wi-Fi/WLAN packets. There are several differences between this profile and our other WLAN profiles. Consider the areas you would want to start with: Timing

WLAN Wi-Fi Security Profile Read More »

WLAN Wi-Fi Timing Profile

Leave a Comment / By Andrew Walding

For those of you who love Wireshark and are supporting WLAN Wi-Fi Wireless networks, we would like to offer a great profile for WLAN/Wi-Fi that focuses on the timing issues of Wi-Fi/WLAN packets. Consider the areas you would want to start with: Timing information (Duration – NAV, Preamble, and IFS) Special Colorization based on various

WLAN Wi-Fi Timing Profile Read More »

IETF QUIC Protocol Profile with decryption

Leave a Comment / By Andrew Walding

Now that we have the IETF QUIC and HTTP3 released and in play in the network, if you want to see this protocol, use this profile. Read more at my article here. This profile will help you work with IETF QUIC that has been decrypted so you can see the HTTP3 traffic. To set up

IETF QUIC Protocol Profile with decryption Read More »

DHCPv4 Profile

Leave a Comment / By Andrew Walding

This was long overdue! Added columns for the key DHCP information. Added display filters and coloring rules for the various DHCP message types. Added a display filter for any non-standard port DHCP messages.

DHCPv4 Profile Read More »

Jeff Carrell’s IPv6 Profile

Leave a Comment / By Andrew Walding

My good friend and fellow IPv6 evangelist offers his IPv6 Profile to the repository! Thanks Jeff!

Jeff Carrell’s IPv6 Profile Read More »

An Ethernet L2 Profile (Wireshark 3.4.0 an onwards)

Leave a Comment / By Andrew Walding

This simple Ethernet L2 profile will start you off with several handy columns and more. Enjoy! What would you add??

An Ethernet L2 Profile (Wireshark 3.4.0 an onwards) Read More »

GQUIC Protocol Profile

Leave a Comment / By Andrew Walding

Updated 6/29/18 from feedback! Thanks to your comments! Enjoy! A note: this profile will probably not help now that we have the IETF QUIC released and in play in the network. You will want to grab the IETF QUIC profile we have posted. This will work on older GQUIC/QUIC captures. Read more at my article

GQUIC Protocol Profile Read More »

A Simple TCP Profile

Leave a Comment / By Andrew Walding

Inspired by fellow troubleshooters, this simple TCP profile is often a good way to scan captures trying to find pattern changes. For detailed troubleshooting we would then switch to out other TCP profile. But check this out!

A Simple TCP Profile Read More »

A DNS Profile for Wireshark

Leave a Comment / By Andrew Walding

Updated 02/12/25 from feedback! Thanks to your comments! Enjoy! Every application turn starts with DNS! This is a great profile for DNS learning, troubleshooting, and analysis. See the contents below: What’s different? We changed the colors to be more vivid and easier to distinguish. Remember you can always disable color or modify these yourself. 1,

A DNS Profile for Wireshark Read More »