Wireshark Archives - Page 3 of 6

TFTP Protocol Profile with Packet Diagram (Wireshark v3.3.0 and later)

Post Views: 2,251 TFTP is designed to be a stripped-down file transfer protocol without authentication or many of the features that FTP and other protocols offer. Instead, it has two main options: file read requests and file write requests. TFTP is an insecure file transfer protocol with many more secure alternatives. If TFTP traffic exists in […]

TFTP Protocol Profile with Packet Diagram (Wireshark v3.3.0 and later) Read More »

A Better Default profile with Redaction (for v3.4.0 and later)

By Andrew Walding

Post Views: 2,161 This is a clever little customization of our Better Default Profile (details here) that you can use to redact packets! To learn more about this technique, watch our short Youtube video: Start using this Better Default profile with Packet Redaction right away and you will see, it is like the springboard

A Better Default profile with Redaction (for v3.4.0 and later) Read More »

A Better Default profile with Packet Diagram (for v3.4.0 and later)

By Andrew Walding

Post Views: 3,844 Most Wireshark users agree that the default profile is simply not good enough. The default should be a profile that you can start troubleshooting from. It should be a place where you can check off some important basics as you begin your evidence gathering. My “better default” with Packet Diagram profile is

A Better Default profile with Packet Diagram (for v3.4.0 and later) Read More »

USB Capture Profile

By Andrew Walding

Post Views: 2,579 If you capture on a USB port, this USB profile will help you to focus on the USB packets. Filter Buttons to find Devices, and Configurations. Note: This is a beginning, and if you want to add features please let me know.

USB Capture Profile Read More »

WLAN Wi-Fi Security Profile

By Andrew Walding

Post Views: 43,037 For those of you who love Wireshark and are supporting WLAN Wi-Fi Wireless networks, we would like to offer a great profile for WLAN/Wi-Fi that focuses on the security issues of Wi-Fi/WLAN packets. There are several differences between this profile and our other WLAN profiles. Consider the areas you would want to

WLAN Wi-Fi Security Profile Read More »

WLAN Wi-Fi Timing Profile

By Andrew Walding

Post Views: 22,909 For those of you who love Wireshark and are supporting WLAN Wi-Fi Wireless networks, we would like to offer a great profile for WLAN/Wi-Fi that focuses on the timing issues of Wi-Fi/WLAN packets. Consider the areas you would want to start with: Timing information (Duration – NAV, Preamble, and IFS) Special Colorization

WLAN Wi-Fi Timing Profile Read More »

IETF QUIC Protocol Profile with decryption

By Andrew Walding

Post Views: 2,983 Now that we have the IETF QUIC and HTTP3 released and in play in the network, if you want to see this protocol, use this profile. Read more at my article here. This profile will help you work with IETF QUIC that has been decrypted so you can see the HTTP3 traffic.

IETF QUIC Protocol Profile with decryption Read More »

DHCPv4 Profile

By Andrew Walding

Post Views: 13,745 This was long overdue! Added columns for the key DHCP information. Added display filters and coloring rules for the various DHCP message types. Added a display filter for any non-standard port DHCP messages.

DHCPv4 Profile Read More »

Jeff Carrell’s IPv6 Profile

By Andrew Walding

Post Views: 2,430 My good friend and fellow IPv6 evangelist offers his IPv6 Profile to the repository! Thanks Jeff!

Jeff Carrell’s IPv6 Profile Read More »

An Ethernet L2 Profile (Wireshark 3.4.0 an onwards)

By Andrew Walding

Post Views: 13,500 This simple Ethernet L2 profile will start you off with several handy columns and more. Enjoy! What would you add??

An Ethernet L2 Profile (Wireshark 3.4.0 an onwards) Read More »

GQUIC Protocol Profile

By Andrew Walding

Post Views: 4,921 Updated 6/29/18 from feedback! Thanks to your comments! Enjoy! A note: this profile will probably not help now that we have the IETF QUIC released and in play in the network. You will want to grab the IETF QUIC profile we have posted. This will work on older GQUIC/QUIC captures. Read more

GQUIC Protocol Profile Read More »

A Simple TCP Profile

By Andrew Walding

Post Views: 5,157 Inspired by fellow troubleshooters, this simple TCP profile is often a good way to scan captures trying to find pattern changes. For detailed troubleshooting we would then switch to out other TCP profile. But check this out!

A Simple TCP Profile Read More »

A DNS Profile for Wireshark

By Andrew Walding

Post Views: 16,985 Updated 02/12/25 from feedback! Thanks to your comments! Enjoy! Every application turn starts with DNS! This is a great profile for DNS learning, troubleshooting, and analysis. See the contents below: What’s different? We changed the colors to be more vivid and easier to distinguish. Remember you can always disable color or modify

A DNS Profile for Wireshark Read More »