Content that refers to the Wireshark packet analysis tool.
Post Views: 1,014 If you have upgraded Wireshark to the latest version 4.6.5 and later, you will note a big change to the “welcome” screen, or home screen of Wireshark. It now looks like this: The two “boxes” on the right are new and bold. The tips and tricks is great for new Wireshark users, […]
A New Wireshark Welcome Screen Read More »
Post Views: 383 Let’s say you are a CO Tech/Engineer or an enterprise network engineer that works with Voice over IP (VoIP). Let’s further say that there are issues with one or more users so you have done a bunch of packet captures, perhaps even used Wireshark’s Ring Buffer capability, and now you want to
Extracting VoIP Packets from Multiple Captures Read More »
Post Views: 593 Learning how to manually control Wi-Fi channels in Linux is a foundational skill for wireless troubleshooting and packet analysis. Proper channel selection is critical because Wi-Fi troubleshooting is highly dependent on capturing the correct RF environment at the correct moment in time. When combined with Wireshark, Linux monitor mode provides one of
How to Set a WLAN Frequency or Channel in Linux for Wireshark Packet Capture Read More »
Post Views: 516 Net neutrality is typically framed as a policy debate (see my background Net Neutrality post here), but its real implications are observable in packet-level behavior. For network engineers and broadband technicians, the question is not abstract: can you see evidence of blocking, throttling, or prioritization in a packet capture? To read more
Net Neutrality at the Packet Level Read More »
Post Views: 771 I described what Adaptive Bit Rate Streaming (ABR) is in my prior article, if you need that background. Also there is an ABR Lab Exercise if you want some hands on learning with ABR that will show you visually some of the items discussed below. Here, I wanted to dive a little
Mapping ABR to TCP Congestion Control and QUIC Read More »
Post Views: 736 Adaptive Bitrate Streaming (ABR) is a video delivery method that dynamically adjusts the quality of a stream in real time based on three things: network conditions, device capability, and player performance. Instead of delivering a single fixed-quality, and therefore fixed transfer rate video, ABR continuously selects the most appropriate bitrate to maintain
What Is Adaptive Bitrate Streaming (ABR)? Read More »
Post Views: 478 The following is a step by step lab exercise to examine ABR – Adaptive Bit Rate used in modern video content delivery. I won’t explain ABR here – you can read about ABR and what it is, and how it works here in a recent post. We will analyze a synthetic but
A Synthetic ABR Lab Exercise Read More »
Post Views: 1,507 Most people do not know this, but TCP CUBIC is the dominant congestion control algorithm used in modern TCP/IP networks. It is designed to efficiently utilize high-speed, long-distance links while maintaining fairness across flows with different round-trip times (RTTs). Today, it is the default congestion control algorithm in most Linux systems, and
What is TCP CUBIC and Why so popular? Read More »
Post Views: 1,592 I have been teaching Wireshark classes since the early 2000’s, and using it since it was called Ethereal. My usage has primarily focused around troubleshooting network issues that have a packet capture associated with them. My fellow troubleshooters will tell you that this is not always the case. But, if we are
Create your own Wireshark Labs with AI Read More »
Post Views: 905 Check out these great references as well: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture In our previous post I showed you how to use Wireshark’s Ring Buffer feature. I think we can all agree how great that feature is. In this
Combining Wireshark Ring Buffers with Capture Filters for Performance Read More »
Post Views: 2,041 Check out these great references: Our custom profiles repository for Wireshark Our Udemy course on Wireshark Our Udemy course on Wireless Packet capture Wireshark’s Ring Buffer feature is a capture mechanism feature that automatically rotates packet capture files based on size or time limits, overwriting the oldest files when a defined limit
Wireshark Ring Buffer Capture Feature Read More »
Post Views: 1,630 I provide this information for reference when examining TLS in Wireshark. The TLS 1.2 protocol ladder (also called the TLS handshake ladder) describes the step-by-step sequence of message exchanges between a client and server as they negotiate a secure, encrypted connection. Think of it as a “ladder” where each side alternates rungs
The TLS 1.2 Protocol Ladder Read More »
Post Views: 6,078 Using a loopback adapter (also called a local loopback interface) for packet capture in Wireshark allows you to capture traffic that stays within your own computer — for example, packets exchanged between local applications via localhost or 127.0.0.1. Normally, this traffic never reaches a physical network interface, so a loopback capture is
What is the Adapter for loopback traffic capture in Wireshark? Read More »
Post Views: 2,945 Many technicians and network engineering staff, as well as IT staff, often need to “tap” into the Ethernet to capture and troubleshoot network traffic. A full-duplex tap (also called a network tap) is a hardware device placed inline on an Ethernet link that allows network engineers to capture all traffic traveling in
Ethernet Taps to Capture Network Traffic Read More »
Post Views: 6,030 I am a ChatGPT subscriber to the basic (not PRO) service. I saw the following post on LinkedIn and was fascinated: Think about the implications. You don’t need to know how to use Wireshark other than to do a capture. You certainly don’t need to know how to troubleshoot packet captures as
Can ChatGPT 5 analyze PCAP’s? Read More »
