4 WORKING WITH CAPTURED PACKETS

Now that you’ve been introduced to Wireshark, you’re ready to start capturing and analyzing packets. In this chapter, you’ll learn how to work with capture files, packets, and time-display formats. We’ll also cover more advanced options for capturing packets and dive into the world of filters.

Working with Capture Files

You’ll find that a good portion of your packet analysis will happen after your capture. Usually, you’ll perform several captures at various times, save them, and analyze them all at once. Therefore, Wireshark allows you to save your capture files to be analyzed later. You can also merge multiple capture ...

Get Practical Packet Analysis, 3rd Edition now with the O’Reilly learning platform.