November 2015
Intermediate to advanced
218 pages
5h 8m
English
Wireshark contains a long list of different filters and options that we can use to analyze traffic from a trace file. Before we start going into analyzing the trace file, there are some settings we should configure before starting.
First, add a new column that shows, for instance, the destination port. All the different columns allow us to perform sorts and makes it easier to get the correct data.
This can be done by going into Edit | Preferences | Appearance | Columns. Click on the + sign and give it a name; click on the newly created column under Type and choose what kind of data that should be added, as shown in the following screenshot:
Next we need to enable name resolution. By default, a trace file ...