Folder Wireshark Profiles Repository

sharkteeth

Welcome Fellow Packet Analysts, Sniffers and Dissectors!

We have been asked countless times over the years to share, and provide a sharing place for, Wireshark Profiles.  As most of you who are Wireshark users know, this is perhaps the most important capability of Wireshark that speeds troubleshooting and elimination of possible problem areas, yet there are almost no repositories for Wireshark profiles.  

What????

To use any of the profiles here, simply download the profile(s) you want, and unzip them into the Wireshark profiles directory.  

  • In Windows, you can find the profiles directory by clicking Help> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open File Manager.
  • In MAC OSx, you can find the profiles directory by clicking Wireshark> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open Finder.
  • In Linux, you can find the profiles directory by clicking Help> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open the default file manager.

If you do not see a "profiles" folder, then create one (all lower case).

We have always shared our profiles, but we have never opened up a place for others to share back!  

So after much consideration, we have decided to give this a try!  

It would be unsafe to simply open this up to anyone who wishes to upload anything.  So if you wish to contribute a profile, or you modify/improve one of these profiles, please zip up the profile and email me (andyw@cellstream.com)!  I will post sent profiles here.

Also, feel free to browse our other Wireshark related articles and information here!

 

Documents

archive A Better Default Profile for Wireshark Popular

By Tagged in Profile, Wireshark 722 downloads

Download (zip, 43 KB)

Better Default (1).zip

A Better Default Profile for Wireshark

Most Wireshark users agree that the default profile is simply not good enough.  

Download this "Better Default" profile and always start your profiles customization from this profile.  We think you will agree.

archive A DNS Profile for Wireshark Popular

By Tagged in DNS, Profile, Wireshark 266 downloads

A DNS Profile for Wireshark

This is a great profile for DNS learning and analysis.  Enjoy!

archive A Minimal Dissector Profile for Wireshark Popular

By Tagged in Profile, Wireshark 693 downloads

Download (zip, 48 KB)

Minimal Dissector (1).zip

A Minimal Dissector Profile for Wireshark

If you deal with enormous capture files, speeding your work process up is crucial.

This is a minimized dissector profile that will reduce Wisreshark crashes, speed your carving/parsing jobs, and generally speed up Wireshark activities such as Statistics.

What did we do?  We simply went to Analyze> Enabled Protocols, disabled all the protcols and then turned on a minimized set.

Try this profile, and then add or delete protocols as you need to for your purposes.

View details here.  Enjoy!

archive A Profile for IPv4 focus Popular

By Tagged in IPv4, Profile, Wireshark 492 downloads

Download (zip, 43 KB)

IPv4 Default.zip

A Profile for IPv4 focus

IPv4 has essential information in the header that this profile focuses on such as the Quality of Service marking of the packet and other vital information.

You can read more about this profile here.

archive A Profile that simply turns off IP and TCP Checksum Validation Popular

By Tagged in Profile, TCP, Wireshark 482 downloads

Download (zip, 1 KB)

NoChecksum.zip

A Profile that simply turns off IP and TCP Checksum Validation

Checksum Offloading can be an annoyance.  Luckily Wireshark allows you to turn this off at IP, TCP and even UDP.  Navigating to these settings can be cumbersome, so why not have a profile that has the checksum validation process turned off?  Exactly what this profile is about.

archive A Real Time Control Protocol RTCP profile for VoIP analysis in Wireshark Popular

By Tagged in Profile, RTCP, VoIP, Wireshark 432 downloads

Download (zip, 41 KB)

NetSci-RTCP.zip

A Real Time Control Protocol RTCP profile for VoIP analysis in Wireshark

This profile is for VoIP analysis in Wireshark.  You need a number of profiles to be successful with VoIP packet analysis.  

This profile focuses on RTCP.

archive A Real Time Protocol (RTP) profile for VoIP analysis in Wireshark Popular

By Tagged in Profile, RTP, VoIP, Wireshark 447 downloads

A Real Time Protocol (RTP) profile for VoIP analysis in Wireshark

This profile is for VoIP analysis in Wireshark.  You need a number of profiles to be successful with VoIP packet analysis.  

This profile focuses on RTP.

archive A Session Description Protocol (SDP) Profile for VoIP Analysis Popular

By Tagged in Profile, VoIP, Wireshark 438 downloads

A Session Description Protocol (SDP) Profile for VoIP Analysis

This profile is for VoIP analysis in Wireshark.  You need a number of profiles to be successful with VoIP packet analysis.  

This profile focuses on SDP.

archive A Session Initialization Protocol (SIP) Profile for VoIP analysis in Wireshark Popular

By Tagged in Profile, SIP, VoIP, Wireshark 432 downloads

A Session Initialization Protocol (SIP) Profile for VoIP analysis in Wireshark

This profile is for VoIP analysis in Wireshark.  You need a number of profiles to be successful with VoIP packet analysis.  

This profile focuses on SIP.

archive A Simple HTTP Profile Popular

By Tagged in HTTP, Profile, Wireshark 249 downloads

A Simple HTTP Profile

This simple HTTP profile will start you off with several handy expression buttons, display filters and more.  Enjoy!

What would you add??

archive A SMB protocol Profile for Wireshark Popular

By Tagged in Profile, SMB, TCP, Wireshark 224 downloads

A SMB protocol Profile for Wireshark

Here is a profile for use with SMB (Server Message Block) protocol in Wireshark.  The focus is SMB2 and TCP of course. 

archive A Spanning Tree Protocol (STP) Profile Popular

By Tagged in Profile, STP, Wireshark 512 downloads

A Spanning Tree Protocol (STP) Profile

Ah, our frienemy STP.  It can be so nice and yet so troublesome.  Here is a great Spanning Tree profile to help find BPDU's and reveal their contents swiftly and easily.

archive A VoIP QoS profile for analysis in Wireshark Popular

By Tagged in Profile, QoS, VoIP, Wireshark 454 downloads

Download (zip, 44 KB)

NetSci-VoIP-QoS.zip

A VoIP QoS profile for analysis in Wireshark

This profile is for VoIP analysis in Wireshark.  You need a number of profiles to be successful with VoIP packet analysis.  

This profile focuses on QoS.

archive A Wireshark TCP Troubleshooting Profile Popular

By Tagged in Profile, TCP, Wireshark 905 downloads

Download (zip, 44 KB)

Better TCP Default (1).zip

A Wireshark TCP Troubleshooting Profile

Most network engineers and technicians are quickly discovering that with "everything over IP" we are required to understand exactly what this means.  For most data communications this means transport over TCP.  Furthermore, it requires the ability to troubleshoot TCP.  To troubleshoot TCP you have to look at the packets.  To look at the packets, the best tool is Wireshark!

For those of you who love Wireshark and are supporting TCP, we would like to offer a great default profile for TCP.  Consider for a moment what would be important in your network administration in TCP:

  • Knowing the key components of information to tack TCP behavior
  • Being able to identify TCP packets with certain pertinent information
  • Being able to detect interesting TCP process issues

View details here.

archive An ARP Protocol focus Profile for Wireshark Popular

By Tagged in ARP, Profile, Wireshark 518 downloads

An ARP Protocol focus Profile for Wireshark

In an IPv4 and Ethernet network, the protocol that makes the two layers work together is ARP.  This awesome profile focuses on ARP analysis.

archive An Ethernet VLAN Profile - focus on 802.1q Popular

By Tagged in 802.1q, Ethernet, Profile, VLAN, Wireshark 536 downloads

An Ethernet VLAN Profile - focus on 802.1q

If you are working in VLAN's, having a profile that displays the VLAN ID and any QoS marking in the VLAN tag is essential.  This profile adds those columns to Wireshark plus more.

archive An ICMP for IPv4 Networks Profile Popular

By Tagged in ICMP, IPv4, Profile, Wireshark 470 downloads

An ICMP for IPv4 Networks Profile

The Internet error reporting protocol is ICMP.  It is one of those 'check it off the list' quick verifications you have to make to insure that issues being reported by the network are not the problem.  This profile is a simple way to quickly eliminate or confirm ICMP problems in IPv4 networks.

archive An OpenFlow protocol Profile Popular

By Tagged in OpenFlow, Profile, SDN, Wireshark 240 downloads

An OpenFlow protocol Profile

This is our OpenFlow profile used for SDN controller to switch communications, among other SDN functions.  Enjoy!

archive Basic BGP Profile for Wireshark Popular

By Tagged in BGP, Profile, Wireshark 770 downloads

Download (zip, 42 KB)

BGP Default (1).zip

Basic BGP Profile for Wireshark

For those of you who love Wireshark and are supporting BGP, we would like to offer a great default profile for basic BGP.  Consider for a moment what would be important in your network administration in basic BGP:

  • Being able to filter BGP packets quickly, as well as finding potentially bogus BGP
  • Colorizing BGP message types
  • Being able to quickly see Autonomous System numbers, metrics, and AS Paths

All this would be a great starting point.

View details here.

archive Basic MPLS LDP Profile for Wireshark Popular

By Tagged in LDP, MPLS, Profile, Wireshark 786 downloads

Basic MPLS LDP Profile for Wireshark

If you support MPLS operations in your network, then you need to have an MPLS profile.  In this case, we have an LDP profile for you to use.  This is great for fundamental MPLS operations involving LDP.

As with any Profile for Wireshark, to add this profile, within Wireshark, click on Help> About Wireshark> then double click the personal configuration hyperlink.  Open the profiles folder in your file manager/finder, and unzip the file provided here into that profiles folder.

Now when you right click on Wireshark's profile area, you will see the MPLS profile show up!

To read more about this profile - click here.

archive HTTPS Profile Popular

By Tagged in HTTPS, Profile, Wireshark 290 downloads

HTTPS Profile

This is our HTTPS profile that helps isolate HTTPS sessions and quickly filter those sessions.

You can read more about how to use this profile here.

archive Jaspers Default Profile Popular

By Tagged in Profile, Wireshark 285 downloads

Download (zip, 87 KB)

Paket_Jay_Default.zip

Jaspers Default Profile

This is Jasper Bongertz's default profile - find him on Twitter @PacketJay

There you go... this is my main profile, for working on screens with a
minimum resolutions of 1980x1024.

Cheers,
Jasper

archive TRANSUM Default Profile - perfect for the new Wireshark 2.4 and onwards Popular

By Tagged in TRANSUM, Wireshark 250 downloads

Download (zip, 41 KB)

TRANSUM-default.zip

TRANSUM Default Profile - perfect for the new Wireshark 2.4 and onwards

With the new Wireshark 2.4 release you will see TRANSUM is an included plugin.  So we decided to update and share our TRANSUM profile!  Enjoy.

You can read more information here.

archive Wireless Troubleshooting Profile Popular

By Tagged in 802.11, Profile, Wireshark, WLAN 657 downloads

Download (zip, 46 KB)

Wireless-N (1).zip

Wireless Troubleshooting Profile

For those of you who love Wireshark and are supporting WiFi Wireless networks, we would like to offer a great default profile for WiFi.

Consider the areas you would want to start with:

  • Special Colorization based on various packet types
  • Display Filters to quickly find special WiFi packets
  • Capture Filters to aide in only capturing certain WiFi packets 

View details here.

archive Wireshark IPv6 Default Profile Popular

By Tagged in IPv6, Profile, Wireshark 814 downloads

Download (zip, 38 KB)

IPv6 Default (1).zip

Wireshark IPv6 Default Profile

For those of you who love Wireshark and are supporting IPv6, we would like to offer a great default profile for IPv6.  Consider for a moment what would be important in your network administration in IPv6:

  • Certainly anything having to do with ICMPv6
  • Being able to find packets with certain extension headers
  • Being able to detect tunelled packets
  • Being able to note packets with certain IPv6 Addresses

All this would be a great starting point, and you would want to have great colorization of things like neighbor discovery, ICMPv6 errors, etc.

View details here.