Wireshark Archives - CellStream, Inc.

How to Set a WLAN Frequency or Channel in Linux for Wireshark Packet Capture

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 121 Learning how to manually control Wi-Fi channels in Linux is a foundational skill for wireless troubleshooting and packet analysis. Proper channel selection is critical because Wi-Fi troubleshooting is highly dependent on capturing the correct RF environment at the correct moment in time. When combined with Wireshark, Linux monitor mode provides one of […]

How to Set a WLAN Frequency or Channel in Linux for Wireshark Packet Capture Read More »

A New Wireshark Welcome Screen

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 258 If you have upgraded Wireshark to the latest version 4.6.5 and later, you will note a big change to the “welcome” screen, or home screen of Wireshark. It now looks like this: The two “boxes” on the right are new and bold. The tips and tricks is great for new Wireshark users,

A New Wireshark Welcome Screen Read More »

Net Neutrality at the Packet Level

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 284 Net neutrality is typically framed as a policy debate (see my background Net Neutrality post here), but its real implications are observable in packet-level behavior. For network engineers and broadband technicians, the question is not abstract: can you see evidence of blocking, throttling, or prioritization in a packet capture? Using Wireshark, it

Net Neutrality at the Packet Level Read More »

Mapping ABR to TCP Congestion Control and QUIC

Leave a Comment / The CellStream Blog / By Andrew Walding

Post Views: 469 I described what Adaptive Bit Rate Streaming (ABR) is in my prior article, if you need that background. Also there is an ABR Lab Exercise if you want some hands on learning with ABR that will show you visually some of the items discussed below. Here, I wanted to dive a little

Mapping ABR to TCP Congestion Control and QUIC Read More »

What Is Adaptive Bitrate Streaming (ABR)?

Leave a Comment / The CellStream Blog / By Andrew Walding

Post Views: 397 Adaptive Bitrate Streaming (ABR) is a video delivery method that dynamically adjusts the quality of a stream in real time based on three things: network conditions, device capability, and player performance. Instead of delivering a single fixed-quality, and therefore fixed transfer rate video, ABR continuously selects the most appropriate bitrate to maintain

What Is Adaptive Bitrate Streaming (ABR)? Read More »

A Synthetic ABR Lab Exercise

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 348 The following is a step by step lab exercise to examine ABR – Adaptive Bit Rate used in modern video content delivery. I won’t explain ABR here – you can read about ABR and what it is, and how it works here in a recent post. We will analyze a synthetic but

A Synthetic ABR Lab Exercise Read More »

What is TCP CUBIC and Why so popular?

Leave a Comment / The CellStream Blog / By Andrew Walding

Post Views: 627 Most people do not know this, but TCP CUBIC is the dominant congestion control algorithm used in modern TCP/IP networks. It is designed to efficiently utilize high-speed, long-distance links while maintaining fairness across flows with different round-trip times (RTTs). Today, it is the default congestion control algorithm in most Linux systems, and

What is TCP CUBIC and Why so popular? Read More »

Create your own Wireshark Labs with AI

Leave a Comment / The CellStream Blog / By Andrew Walding

Post Views: 1,220 I have been teaching Wireshark classes since the early 2000’s, and using it since it was called Ethereal. My usage has primarily focused around troubleshooting network issues that have a packet capture associated with them. My fellow troubleshooters will tell you that this is not always the case. But, if we are

Create your own Wireshark Labs with AI Read More »

Combining Wireshark Ring Buffers with Capture Filters for Performance

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 743 Check out these great references as well: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture In our previous post I showed you how to use Wireshark’s Ring Buffer feature. I think we can all agree how great that feature is. In this

Combining Wireshark Ring Buffers with Capture Filters for Performance Read More »

Wireshark Ring Buffer Capture Feature

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 1,415 Check out these great references: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture Wireshark’s Ring Buffer feature is a capture mechanism feature that automatically rotates packet capture files based on size or time limits, overwriting the oldest files when a defined limit

Wireshark Ring Buffer Capture Feature Read More »

The TLS 1.2 Protocol Ladder

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 1,503 I provide this information for reference when examining TLS in Wireshark. The TLS 1.2 protocol ladder (also called the TLS handshake ladder) describes the step-by-step sequence of message exchanges between a client and server as they negotiate a secure, encrypted connection. Think of it as a “ladder” where each side alternates rungs

The TLS 1.2 Protocol Ladder Read More »

What is the Adapter for loopback traffic capture in Wireshark?

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 4,847 Using a loopback adapter (also called a local loopback interface) for packet capture in Wireshark allows you to capture traffic that stays within your own computer — for example, packets exchanged between local applications via localhost or 127.0.0.1. Normally, this traffic never reaches a physical network interface, so a loopback capture is

What is the Adapter for loopback traffic capture in Wireshark? Read More »

Ethernet Taps to Capture Network Traffic

Leave a Comment / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 2,457 Many technicians and network engineering staff, as well as IT staff, often need to “tap” into the Ethernet to capture and troubleshoot network traffic. A full-duplex tap (also called a network tap) is a hardware device placed inline on an Ethernet link that allows network engineers to capture all traffic traveling in

Ethernet Taps to Capture Network Traffic Read More »

Can ChatGPT 5 analyze PCAP’s?

2 Comments / Networking and Computing Tips and Tricks / By Andrew Walding

Post Views: 5,608 I am a ChatGPT subscriber to the basic (not PRO) service. I saw the following post on LinkedIn and was fascinated: Think about the implications. You don’t need to know how to use Wireshark other than to do a capture. You certainly don’t need to know how to troubleshoot packet captures as

Can ChatGPT 5 analyze PCAP’s? Read More »

Is Wireshark a Red Team or Blue Team Tool?

Leave a Comment / Frequently Asked Questions / By Andrew Walding

Post Views: 2,058 Great question. In one sentence it is a purple tool, meaning both! Wireshark itself is a passive tool, it is non-intrusive — it doesn’t create attacks — but it’s a force multiplier for both Red and Blue Teams depending on who controls the capture point and how the data is used. Let

Is Wireshark a Red Team or Blue Team Tool? Read More »