Examining raw capture data in terms of PCAP files can be facilitated with the help of a few common and freely available tools. C:\Users\felix001>"C:\Program Files\Wireshark\capinfos.exe" capture1004.pcapįile name: C:\Users\felix001\capture1004.Understanding network traffic flows is a multifaceted subject involving potentially many different tools and utilities. CapinfoĬapinfo is a program that allows you to input one or more capture files and return a range of statistics such as data and packet rates. TIP To see all options run -q –z, in essence this is an incomplete command but will result in TShark showing you all the available options. TCP Conversations C:\Users\felix001>"C:\Program Files\Wireshark\tshark.exe" -nr capture1004.pcap -q -z conv,tcp Within this article we will show 2 examples, in order to display a TCP conversations and packet length report.
Because of this there is a vast amount of options available for analyzing your packets.
TShark can be thought of the CLI version of Wireshark.
0 kommentar(er)
