Index
A
- access_denied / How to do it...
- ACK / How it works…, Regular operation of the TCP Sequence/Acknowledge mechanism
- acknowledgement number field / How it works...
- ACK scanning / How to do it...
- Active mode (ACTV) / Analyzing FTP problems
- Address Resolution Protocol (ARP) filter / Configuring Ethernet, ARP, host, and network filters
- Allow sub-dissector option / There's more...
- application-layer attacks
- about / How it works...
- application attacks
- ARP
- configuring / Configuring Ethernet, ARP, host, and network filters, Getting ready
- connectivity problems, analyzing with / Analyzing connectivity problems with ARP, How to do it..., Gratuitous ARP, Requests or replies, and who is the sender, How it works..., There's more...
- poisoning / ARP poisoning and Man-in-the-Middle attacks
- amount / How many ARPs
- arp.opcode == <value> / Getting ready
- arp.src.hw_mac == <MAC Address> / Getting ready
- ARP filters / ARP filters
- ARP replies / Requests or replies, and who is the sender
- ARP requests / Requests or replies, and who is the sender
- ARP sweep / ARP sweeps
- Automatic Private IP Addressing (APIPA) addresses / General tests
- Autonomous System (AS) / Getting ready
- AVG (*) / Getting ready
B
- % Bytes field / How to do it...
- 32-bit source and destination IP addresses / How it works...
- bad_certificate / How to do it...
- bad_record_mac / How to do it...
- bandwidth
- about / How it works...
- measuring, per user over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- measuring, per application over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- Berkeley Packet Filter (BPF) / How it works...
- Bladeserver
- Bladesystem / Finding out what is running over your network
- Border Gateway Protocol version 4 (BGPv4) / Getting ready
- Bridge Protocol Data Units (BPDUs) / Which STP version is running on the network?
- broadcast / Getting ready
- broadcast domains
- about / Getting ready
- Broadcast MAC address / How to do it...
- broadcast storm
- about / Discovering broadcast and error storms
- discovering / How to do it...
- working / How it works...
- brute-force attacks
- byte offset
- bytes field / How to do it...
C
- !, C-like Syntax / Getting ready
- !=, C-like Syntax / Getting ready
- &&, C-like Syntax / Getting ready
- <, C-like Syntax / Getting ready
- <=, C-like Syntax / Getting ready
- ==, C-like Syntax / Getting ready
- >, C-like Syntax / Getting ready
- >=, C-like Syntax / Getting ready
- C-like Syntax / Getting ready
- C-Tag (802.1Q) / There's more…
- calculating conversations timestamps / How it works...
- capture
- data capturing, starting / Starting the capture of data, How to do it...
- interface, selecting / How to choose the interface to start the capture
- interface, configuring / How to configure the interface you capture data from
- configuration, changing / Changing the capture configuration
- capture filters
- about / Introduction
- configuring / Configuring capture filters, How to do it..., How it works..., There's more...
- C Arrays to Packet Bytes (*.c) / Saving data in various formats
- Cascade Pilot package
- URL / There's more...
- Castlerock Computing SNMPc
- URL / SNMP platforms
- CA Unicenter
- URL / SNMP platforms
- certificate_expired / How to do it...
- certificate_revoked / How to do it...
- certificate_unknown / How to do it...
- chats tab / How to do it...
- Checkpoint
- URL / See also
- checksum errors / How to do it...
- checksum field / How it works...
- Cisco
- Cisco Netflow
- URL / See also
- Cisco press
- URL / Books
- Citrix communications
- issues, analyzing / Analyzing MS-TS and Citrix communications problems , How to do it..., There's more…
- Citrix Metaframe Independent Computing Architecture (ICA) / Analyzing MS-TS and Citrix communications problems
- client codes / Client errors
- client error codes / 4xx codes – client error
- close_modify / How to do it...
- coloring rules
- Command Line Interface (CLI) / How to do it...
- Comma Separated Values / Saving data in various formats
- communication link
- total bandwidth, measuring on / Measuring total bandwidth on a communication link, Getting ready, How to do it..., How it works..., There's more...
- Compass (for Windows)
- URL / There's more...
- Compile BPF button / How it works...
- complex filters / Complex filters
- compound filters
- configuring / Configuring compound filters, There's more...
- CONNECT / HTTP methods
- connectivity problems
- Content Delivery Network (CDN) / There's more...
- Contributing source identifiers list (CSRC) / RTP principles of operation
- Conversations tool
- using, from statistics menu / Using the Conversations tool from the Statistics menu, How to do it..., How it works...
- Conversations window / A device that generates Broadcasts
- COUNT FIELDS (*) / Getting ready
- COUNT FRAMES (*) / Getting ready
- Create Stat button / How to do it...
- CSRC count (CC) / RTP principles of operation
- ||, C-like Syntax / Getting ready
D
- data
- capturing, starting / Starting the capture of data
- whole file, saving / How to do it...
- part of file, saving / How to do it...
- saving, in different formats / Saving data in various formats
- printing / How to print data
- Database Administrator (DBA) / How to do it...
- database traffic
- issues, analyzing / Analyzing database traffic and common problems, How to do it..., How it works...
- Datagram distribution service (port 138) / Analyzing problems in the NetBIOS protocols
- Date and Time of Day / How to do it...
- DDoS
- about / How it works...
- attacks, discovering / Discovering DoS and DDoS attacks, How to do it..., How it works...
- decode_error / How to do it...
- decompression_failure / How to do it...
- decryption_failed / How to do it...
- decrypt_error / How to do it...
- Deep Packet Inspection (DPI) / How it works...
- delay
- monitoring, Wireshark used / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
- about / How it works...
- problems, discovering / Discovering delay/jitter-related application problems, How to do it..., How it works...
- DELETE / HTTP methods
- details tab / How to do it...
- DHCP
- about / Analyzing DHCP problems
- DHCP Ack / How it works...
- DHCP Discover / How it works...
- DHCP Offer / How it works...
- DHCP problems
- analyzing / Analyzing DHCP problems, How to do it..., How it works..., There's more...
- DHCP Request / How it works...
- Differentiated Services (DiffServ) / Configuring of IPv4 and IPv6 Preferences, How it works...
- Dir (direction) qualifiers / How it works...
- displayed data
- saving / Saving the displayed data
- display filters
- about / Introduction, Introduction
- configuring / Configuring display filters, Getting ready, How to do it..., Choosing from the filters menu
- syntax, writing / Writing the syntax directly into the display filter window
- parameter, selecting in packet pane / Choosing a parameter in the packet pane and defining it as a filter
- display filter toolbar
- about / Display Filter Toolbar
- Display window / How to do it...
- DNS
- about / Introduction
- traffic, filtering / Filtering DNS traffic, How to do it..., There's more...
- operations, analyzing / Analyzing regular DNS operations, How it works...
- operations / DNS operation
- namespace / DNS namespace
- servers, using / The resolving process
- issues, analyzing / Analysing DNS problems, DNS cannot resolve a name, How it works..., There's more...
- slow responses / DNS slow responses
- DNS Benchmark
- from GRC, URL / The resolving process
- DNS display filters / DNS display filters
- DoS
- about / How it works...
- attacks, discovering / Discovering DoS and DDoS attacks, How to do it..., How it works...
- dst host <host> filter / Getting ready
- dst net <net>/<len> filter / Getting ready
- dst net <net> filter / Getting ready
- dst net <net> mask <netmask> filter / Getting ready
- dst port <port> filter / Getting ready
- duplicate ACKs
- duplicate IPs
- finding / Finding duplicate IPs, How it works..., There's more...
E
- e-mail traffic
- End Bytes field / How to do it...
- End Mbit/s field / How to do it...
- End Packets field / How to do it...
- Endpoints tool
- using, from statistics menu / Using the Endpoints tool from the Statistics menu, How to do it..., There's more...
- Enhancement area
- URL / Useful Wireshark links
- Enterprise Resource Planning (ERP) / There's more…
- Eric Lawrence and Telerik
- URL / HTTP debuggers
- error codes filters / How to do it...
- error events
- error storms
- about / Discovering broadcast and error storms
- discovering / How to do it...
- eth.addr == <MAC Address> / Getting ready
- eth.dst == <MAC Address> / Getting ready
- eth.src == <MAC Address> / Getting ready
- eth.type == <Protocol Type (Hexa)> / Getting ready
- ETHER-TYPE codes
- URL / See also
- Etherape (for Linux)
- URL / There's more...
- ether broadcast filter / Getting ready
- ether dst <Ethernet host> filter / Getting ready
- ether host <Ethernet host> filter / Getting ready
- ether multicast filter / Getting ready
- Ethernet
- configuring / Configuring Ethernet, ARP, host, and network filters
- Ethernet (MAC) address / How to do it...
- Ethernet broadcasts / Ethernet broadcasts
- Ethernet conversations statistics
- Ethernet filters
- configuring / Configuring Ethernet filters, How to do it..., How it works…
- ether proto <protocol> filter / Getting ready
- ether src <Ethernet host> filter / Getting ready
- expert.group
- categories / There's more...
- expert.message / There's more...
- expert.severity / There's more...
- Expert Infos window
- about / Introduction, The Expert Infos window and how to use it for network troubleshooting, How to do it...
- starting / How to do it...
- errors / How to do it...
- warnings / How to do it...
- notes / How to do it...
- chats / How to do it...
- details / How to do it...
- packet comments / How to do it...
- expert.message / There's more...
- expert.severity / There's more...
- export_restriction / How to do it...
- Extension bit (X) / RTP principles of operation
- Exterior Gateway Protocols (EGPs) / Getting ready
F
- Fiddler
- URL / There's more...
- field appearances
- monitoring / How to monitor a number of field appearances
- field name pane / Choosing from the filters menu
- filtering
- about / Locating Wireshark
- filters
- capture filters / Configuring capture filters
- Ethernet filters / Configuring Ethernet filters
- network filters / Configuring host and network filters
- hosts filters / Configuring host and network filters
- UDP port filter / Configuring TCP/UDP and port filters, How to do it..., How it works…, See also
- TCP port filter / Configuring TCP/UDP and port filters, How to do it..., How it works…, See also
- byte offset filter / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
- payload matching filter / Configuring byte offset and payload matching filters, How to do it..., How it works…, There's more...
- IO Graphs, configuring with / Configuring IO Graphs with filters for measuring network performance issues, How to do it..., Y-Axis configuration, How it works..., There's more...
- configuring / Filter configuration
- filters menu
- selecting from / Choosing from the filters menu
- field name pane / Choosing from the filters menu
- relation pane / Choosing from the filters menu
- value pane / Choosing from the filters menu
- predefined values pane / Choosing from the filters menu
- range (offset$ length) pane / Choosing from the filters menu
- FIN / How it works…
- FIN-ACK scanning / How to do it...
- firewall
- monitoring / Monitoring a firewall
- firewalls / There's more...
- fixed pattern broadcasts / Fixed pattern broadcasts
- flags field / How it works...
- flgs / How it works...
- Flow Control mechanism
- Flow Graph
- configuring, to view TCP flows / Configuring Flow Graph for viewing TCP flows, There's more...
- Flow Graph window / How to do it...
- Follow TCP Stream
- fragmentation
- Fragment offset / How it works...
- frame.time_delta / Getting ready
- frame.time_delta_displayed / Getting ready
- FTP
- issues, analyzing / Analyzing FTP problems, How to do it..., How it works..., There's more...
- Active mode (ACTV) / Analyzing FTP problems
- Passive mode (PASV) / Analyzing FTP problems
- FTP display filters / FTP display filters
- Full Duplex (FDX) / How it works...
G
- gateway <Host name or address> filter / Getting ready
- generated broadcast storm
- characteristics / A device that generates Broadcasts
- GeoIP
- about / Configuring of IPv4 and IPv6 Preferences
- URL / There's more..., Getting ready
- using, to lookup physical locations / Using GeoIP to look up physical locations of the IP address, How to do it..., How it works..., There's more...
- GET / HTTP methods
- global failure code / 6xx codes – global failure
- Google web page
- accesses, gaphing / Graphing number of accesses to the Google web page
- Graphical Ping tools
- URL / There's more...
- gratuitous ARP / Gratuitous ARP
- gtk
- URL / Useful Wireshark links
H
- H.225 / How it works...
- H.323 / How it works...
- Half-Duplex (HDX) / How it works...
- handshake_failure / How to do it...
- HEAD / HTTP methods
- Header length (HL) / How it works...
- header length field / How it works...
- host
- configuring / Configuring Ethernet, ARP, host, and network filters
- host <host> filter / Getting ready
- hosts
- configuring / Configuring host and network filters, Getting ready, How to do it..., There's more...
- HP IMC
- URL / SNMP platforms
- HP OpenView
- URL / SNMP platforms
- HTTP
- about / Introduction
- issues, analyzing / Analyzing HTTP problems, How to do it...
- informational codes / Informational codes
- success codes / Success codes
- redirect codes / Redirect codes
- client codes / Client errors
- server errors / Server errors
- HTTP debuggers / HTTP debuggers
- HTTP display filters / HTTP display filters
- HTTP filters
- name based filters / How to do it...
- request methods filters / How to do it...
- error codes filters / How to do it...
- HTTP methods / HTTP methods
- status codes / Status codes
- HTTP headers fields
- custom / Custom HTTP headers fields, How it works...
- HTTP methods
- about / HTTP methods
- OPTIONS / HTTP methods
- GET / HTTP methods
- HEAD / HTTP methods
- POST / HTTP methods
- DELETE / HTTP methods
- PUT / HTTP methods
- TRACE / HTTP methods
- CONNECT / HTTP methods
- HTTP objects
- about / Exporting HTTP objects
- exporting / How to do it..., How it works...
- HTTP preferences
- configuring / Configuring HTTP preferences
- HTTPS
- about / Introduction
- HTTPS sessions
- monitoring / How to do it..., How it works...
- HTTP tool
- using, from statistics menu / Using the HTTP tool from the Statistics menu, How to do it...
- HTTP traffic
- filtering / Filtering HTTP traffic, How to do it...
- hubs / Monitoring a router
I
- ICMP / Discovering ICMP and TCP SYN/Port scans
- ICMP filters / IP and ICMP filters
- icmp[icmptype]==<identifier> filter / Getting ready
- IDS/IPS / There's more...
- URL / See also
- IETF / How it works...
- illegal_parameter / How to do it...
- IMAP4
- information
- retrieving, through TCP stream graphs (Time-Sequence (Stevens) window) / Getting information through TCP stream graphs – the Time-Sequence (Stevens) window, How to do it..., How it works...
- retrieving, through TCP stream graphs (Time-Sequence (tcp-trace) window) / Getting information through TCP stream graphs – the Time-Sequence (tcp-trace) window, How to do it..., How it works...
- retrieving, through TCP stream graphs (Throughput Graph window) / Getting information through TCP stream graphs – the Throughput Graph window, There's more...
- retrieving, through TCP stream graphs (Round Trip Time window) / Getting information through TCP stream graphs – the Round Trip Time window, How to do it..., There's more...
- retrieving, through TCP stream graphs (Window Scaling Graph window) / Getting information through TCP stream graphs – the Window Scaling Graph window, How to do it...
- informational codes / Informational codes
- information security
- about / Introduction
- inSSIDer / How to do it…
- insufficient_security / How to do it...
- inter-frame time delta statistics
- monitoring / How to monitor inter-frame time delta statistics
- internal_error / How to do it...
- Internet Assigned Numbers Authority (IANA) / How it works...
- Internet Group Management Protocol (IGMP) / How it works...
- Internet Protocol Version 4 / How to do it...
- Internet Service Provider (ISP) / Getting ready
- Intrusion Detection Systems (IDS) / How it works...
- Intrusion Detection Systems / Intrusion Prevention Systems (IDSs/IPSs) / Getting ready
- INVITE method / How to do it...
- IO Graphs
- tool / Introduction
- configuring, with filters / Configuring IO Graphs with filters for measuring network performance issues, How to do it...
- throughput measurements / Throughput measurements with IO Graph, Getting ready
- throughput measurements, between end devices / Measuring throughput between end devices
- application throughput, measuring / Measuring application throughput
- configurations, with advanced Y Axis parameters / Advanced IO Graph configurations with advanced Y-Axis parameters, How to do it...
- inter-frame time delta statistics, monitoring / How to monitor inter-frame time delta statistics
- IP-based statistics
- creating / Creating IP-based statistics, How to do it...
- ip.addr == <IP Address> / Getting ready
- ip.dst == <IP Address> / Getting ready
- ip.len < <value> / Getting ready
- ip.len = <value>, ip.len > <value> / Getting ready
- ip.src == <IP Address> / Getting ready
- ip.ttl == <value>, ip.ttl < value> / Getting ready
- ip.ttl > <value> / Getting ready
- ip.version == <4/6> / Getting ready
- ip6 proto <protocol> filter / Getting ready
- IP conversations statistics
- about / IP conversations statistics
- IP destination statistics
- retrieving / How to do it...
- Iperf
- URL / How to do it...
- IP filters / IP and ICMP filters
- IPFIX
- IP geographical location databases
- URL / How it works...
- ip or IP6 filter / Getting ready
- IP packet
- factors / How it works...
- ver / How it works...
- Header length (HL) / How it works...
- Type of Service (ToS) / How it works...
- Differentiated Services (DiffServ) / How it works...
- length field / How it works...
- 16-bit identifier / How it works...
- Fragment offset / How it works...
- flgs / How it works...
- Time to live (TTL) / How it works...
- upper layer / How it works...
- checksum field / How it works...
- 32-bit source and destination IP addresses / How it works...
- options field / How it works...
- ip proto <protocol code> filter / Getting ready
- IP statistics tools / IP statistics tools
- IP traffic
- analysis tools / Using IP traffic analysis tools
- IP statistics tools / IP statistics tools
- working / How it works...
- IPTV applications
- scenarios, troubleshooting / Troubleshooting scenarios for IPTV applications, How to do it...
- IPv4 host address / How to do it...
- IPv4 multicasts / IPv4 multicasts
- IPv4 network address / How to do it...
- IPv4 preferences
- configuring / Configuring of IPv4 and IPv6 Preferences
- IPv6 host address / How to do it...
- IPv6 multicasts / IPv6 multicasts
- IPv6 network address / How to do it...
- IPv6 preferences
- configuring / Configuring of IPv4 and IPv6 Preferences
- iterative mode
- about / There's more...
- ITU-T / How it works...
J
- JFlow / The NetFlow, JFlow, and SFlow analyzers
- jitter
- monitoring, Wireshark used / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
- problems, discovering / Discovering delay/jitter-related application problems, How to do it..., How it works...
- Juniper
- Juniper Jflow
- URL / See also
L
- LAN switch
- about / How it works...
- LAN switch vendors / Locating Wireshark
- Layer 4 filters / Getting ready
- length field / How it works...
- Libpcap
- URL / See also
- live capture
- auto scrolling / Auto scrolling in live capture
- LOAD (*) / Getting ready
- Load Distribution
- viewing, on Web / How to do it...
- viewing, on specific website / How to do it...
- lookup physical locations
M
- $, modifier / How it works...
- (), modifier / How it works...
- *, modifier / How it works...
- +, modifier / How it works...
- ?, modifier / How it works...
- MAC-based attacks
- discovering / Discovering MAC- and ARP-based attacks, How to do it..., There's more...
- macros
- configuring / Configuring macros, How to do it...
- Mail Filters / There's more...
- URL / See also
- main toolbar
- about / Main Toolbar
- main window
- configuring / Configuring the main window
- malformed packets / How to do it...
- Man-in-the-Middle attacks / ARP poisoning and Man-in-the-Middle attacks
- Man-in-the-middle attacks / How it works...
- Manageengine
- URL / SNMP platforms
- Marker (M) / RTP principles of operation
- MAX (*) / Getting ready
- Maximum Segment Size (MSS) / How it works..., How it works...
- Mbit/s field / How to do it...
- methods
- about / Getting ready
- MIN (*) / Getting ready
- Mini Protocol Analyzer
- URL / Network analysers
- modifiers
- ^ / How it works...
- $ / How it works...
- | / How it works...
- () / How it works...
- * / How it works...
- + / How it works...
- ? / How it works...
- {n} / How it works...
- {n,} / How it works...
- {n,m} / How it works...
- MRTG
- URL / SNMP platforms
- MS-TS
- issues, analyzing / Analyzing MS-TS and Citrix communications problems , How to do it..., There's more…
- multicast / Getting ready
- multimedia applications
- about / Introduction
- Multiple Input Multiple Output (MIMO) / How it works…
- Multiple Spanning Tree (MST) / Analyzing Spanning Tree Protocols
- Multi Protocol Label Switching (MPLS)
- |, modifier / How it works...
N
- Nagious
- URL / SNMP platforms
- Namebench
- URL / The resolving process
- name resolution
- about / Name Resolution
- changing / Configuring the name resolution
- Name service (port 137) / Analyzing problems in the NetBIOS protocols
- net <net>/<len> filter / Getting ready
- net <net> filter / Getting ready
- net <net> mask <netmask> filter / Getting ready
- NetBIOS Datagram Distribution Service (NBDS) / How it works...
- Net BIOS Name Service (NBNS) / How it works...
- NetBIOS Name Service (NBNS) / How it works...
- NetBIOS protocols
- issues, analyzing / Analyzing problems in the NetBIOS protocols, How to do it..., General tests, Specific issues, How it works...
- services / Analyzing problems in the NetBIOS protocols
- Name service (port 137) / Analyzing problems in the NetBIOS protocols
- Datagram distribution service (port 138) / Analyzing problems in the NetBIOS protocols
- Session service (port 139) / Analyzing problems in the NetBIOS protocols
- general tests / General tests
- specific issues / Specific issues, How it works...
- application, freezing / Example 1 – application freezing
- broadcast storm / Example 2 – broadcast storm caused by SMB
- NetBIOS Server Message Block (SMB) / How it works...
- NetBIOS Session Service (NBSS) / How it works...
- Netcat (nc)
- for Linux, URL / Other stuff
- NetFlow / The NetFlow, JFlow, and SFlow analyzers
- network
- issues, analyzing / Finding out what is running over your network, How to do it...
- Network Access Control (NAC) / There's more...
- URL / See also
- network connection
- bandwidth, measuring over / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- throughput, measuring over / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- network filters
- configuring / Configuring host and network filters, Getting ready, How to do it..., There's more...
- Network Interface Card (NIC) / Getting ready
- NetworkMiner
- URL / There's more...
- Network Time Protocol (NTP) / There's more..., How it works...
- Nmap.org web page
- URL / See also
- Nmap security scanner
- URL / Other stuff
- notes events
- notes tab / How to do it...
- no_renegotiation / How to do it...
- {n,m}, modifier / How it works...
- {n,}, modifier / How it works...
- {n}, modifier / How it works...
O
- offset filter
- structure / How it works…
- OpenNMS
- URL / SNMP platforms
- open source Cacti
- URL / SNMP platforms
- OPTIONS / HTTP methods
- options field / How it works...
- out-of-order packet
- about / Getting ready
- out-of-order segments
- about / TCP out-of-order packet events
- Outlook Web Access (OWA)
P
- % Packets field / How to do it...
- packet comments tab / How to do it...
- Packet Counter statistics / How to do it...
- packet list
- colorizing / Colorizing the packet list
- packets field / How to do it...
- Padding (P) / RTP principles of operation
- parameter column
- adding / Adding a parameter column
- parameter we filter / What is the parameter we filter?
- Passive mode (PASV) / Analyzing FTP problems
- payload matching filters
- Payload type / RTP principles of operation
- Pcap drivers
- URL / See also
- PDML (*.pdml) / Saving data in various formats
- Plain text (*.txt) / Saving data in various formats
- Plixer
- URL / SNMP platforms
- POP3
- port-range matching filters
- tcp portrange <p1>-<p2> or udp portrange <p1>-<p2> / Getting ready
- tcp src portrange <p1>-<p2> or udp src portrange <p1>-<p2> / Getting ready
- tcp dst portrange <p1>-<p2> or udp src portrange <p1>-<p2> / Getting ready
- port <port> filter / Getting ready
- port mirror / See also
- port monitor / See also
- port states
- disabled / Port states
- blocking / Port states
- listening / Port states
- learning / Port states
- forwarding / Port states
- POST / HTTP methods
- PostScript (*.ps) / Saving data in various formats
- predefined values pane / Choosing from the filters menu
- preferences menu
- user interface, configuring / Configuring the user interface in the Preferences menu, How to do it...
- columns, adding / Changing and adding columns
- columns, changing / Changing and adding columns
- capture configuration, changing / Changing the capture configuration
- name resolution, configuring / Configuring the name resolution, How it works...
- previous segment loss
- about / TCP out-of-order packet events
- previous segment lost
- about / Getting ready
- previous segment not captured
- about / Getting ready
- Proto (protocol) qualifiers / How it works...
- protocol field / How to do it...
- protocol filters
- configuring / Configuring specific protocol filters, How to do it...
- HTTP display filters / HTTP display filters
- DNS display filters / DNS display filters
- FTP display filters / FTP display filters
- Protocol Hierarchy tool
- using, from statistics menu / Using the Protocol Hierarchy tool from the Statistics menu, How to do it..., There's more...
- Protocol Hierarchy window
- protocol field / How to do it...
- % Packets field / How to do it...
- packets field / How to do it...
- % Bytes field / How to do it...
- bytes field / How to do it...
- Mbit/s field / How to do it...
- End Packets field / How to do it...
- End Bytes field / How to do it...
- End Mbit/s field / How to do it...
- protocol preferences
- configuring / Configuring protocol preferences, Getting ready
- IPv6 preferences, configuring / Configuring of IPv4 and IPv6 Preferences
- IPv4 preferences, configuring / Configuring of IPv4 and IPv6 Preferences
- UDP, configuring / Configuring TCP and UDP
- TCP, configuring / Configuring TCP and UDP
- protocol_version / How to do it...
- provisional/informational codes / 1xx codes – provisional/informational
- proxy server / How it works...
- PSH / How it works…
- PSML / Saving data in various formats
- PSML (*.psml) / Saving data in various formats
- PSTN
- about / How it works...
- PUT / HTTP methods
R
- range (offset$ length) pane / Choosing from the filters menu
- Rapid Spanning Tree Protocol (RSTP) / Analyzing Spanning Tree Protocols
- Rcvr window size field / How it works...
- Received Signal Strength Indicator (RSSI) / How to do it…
- record_overflow / How to do it...
- recursive mode
- about / There's more...
- redirect codes / Redirect codes
- redirection codes / 3xx codes – redirection
- redirect server / How it works...
- registrar server / How it works...
- relation pane / Choosing from the filters menu
- relative sequence numbers / How it works...
- Remote Desktop Protocol (RDP) / Analyzing MS-TS and Citrix communications problems
- request methods filters / How to do it...
- res field / How it works...
- retransmission
- about / TCP retransmission – where do they come from and why, How to do it..., What are TCP retransmissions and what do they cause
- to multiple destinations / Case 1 – retransmissions to many destinations
- on single connection / Case 2 – retransmissions on a single connection
- patterns / Case 3 – retransmission patterns
- due to non-responsive application / Case 4 – retransmission due to a non-responsive application
- due to delayed variations / Case 5 – retransmission due to delayed variations
- Retransmission Time Out (RTO) / How to do it..., How it works...
- RFC 2246, errors
- close_modify / How to do it...
- unexpected_message / How to do it...
- bad_record_mac / How to do it...
- decryption_failed / How to do it...
- record_overflow / How to do it...
- decompression_failure / How to do it...
- handshake_failure / How to do it...
- bad_certificate / How to do it...
- unsupported_certificate / How to do it...
- certificate_revoked / How to do it...
- certificate_expired / How to do it...
- certificate_unknown / How to do it...
- illegal_parameter / How to do it...
- unknown_ca / How to do it...
- access_denied / How to do it...
- decrypt_error / How to do it...
- export_restriction / How to do it...
- protocol_version / How to do it...
- insufficient_security / How to do it...
- internal_error / How to do it...
- user_canceled / How to do it...
- no_renegotiation / How to do it...
- Riverbed Cascade
- URL / Network analysers
- root servers
- URL / DNS namespace
- Round Trip Time (RTT) / How to do it...
- Round Trip Time Measurement (RTTM) / How it works...
- Round Trip Time window
- TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Round Trip Time window, How it works...
- router
- monitoring / Monitoring a router
- routing problems
- analyzing / Analyzing routing problems, How to do it..., There's more...
- RPC over HTTPs / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP
- RST / How it works…
- RTCP / Analyzing SIP connectivity
- about / Introduction, How it works...
- operation, principles / The RTCP principle of operation, There's more...
- RTCP connectivity
- analyzing / Analyzing RTP/RTCP connectivity, How to do it...
- RTP
- about / Introduction, How it works...
- operation, principles / RTP principles of operation
- RTP connectivity
- analyzing / Analyzing RTP/RTCP connectivity, How to do it...
- RTSP
- about / Introduction
- troubleshooting / Troubleshooting RTSP, Getting ready, How to do it..., How it works...
- stream / There's more...
S
- S-Tag (802.1ad) / There's more…
- SACK / How it works...
- scanning
- about / How it works...
- scenarios
- troubleshooting, for video and surveillance applications / Troubleshooting scenarios for video and surveillance applications, How to do it..., How it works...
- troubleshooting, for IPTV applications / Troubleshooting scenarios for IPTV applications, How it works...
- troubleshooting, for video conferencing applications / Troubleshooting scenarios for video conferencing applications, How to do it...
- SCTP / How it works…
- about / There's more…
- SDP / How it works..., Analyzing SIP connectivity
- about / How it works...
- Second Level Domains (SLDs)
- URL / DNS namespace
- Seconds Since Beginning of Capture / How to do it...
- Seconds Since Epoch / How to do it...
- Seconds Since Previous Captured Packet / How to do it...
- Seconds Since Previous Displayed Packet / How to do it...
- Security Information and Event Management Systems (SIEM) / Getting ready
- sequence number / RTP principles of operation
- sequence number field / How it works...
- server
- monitoring / Monitoring a server
- server error codes / 5xx codes – server error
- server errors / Server errors
- Server Message Block (SMB) / How it works...
- Service Provider (SP) / Getting ready
- service provider (SP) / There's more...
- Service Provider (SP) network / Monitoring a router
- Service Set Identification (SSID) / How to do it…
- Session service (port 139) / Analyzing problems in the NetBIOS protocols
- SET_PARAMETER / There's more...
- Sevone
- sFlow
- URL / See also
- SFlow
- Simple Network Management Protocol (SNMP) / Monitoring a router
- Simtec Limited
- URL / HTTP debuggers
- SIP
- about / How it works...
- SIP connectivity
- analyzing / Analyzing SIP connectivity, Getting ready, How to do it...
- analyzinmg / Analyzing SIP connectivity
- 1xx codes (provisional/informational codes) / 1xx codes – provisional/informational
- 2xx codes (success codes) / 2xx codes – success
- 3xx codes (redirection codes) / 3xx codes – redirection
- 4xx codes (client error codes) / 4xx codes – client error
- 4xx codes (server error codes) / 5xx codes – server error
- 6xx codes (global failure codes) / 6xx codes – global failure
- SIP servers
- proxy server / How it works...
- redirect server / How it works...
- registrar server / How it works...
- Sliding Window mechanism
- SMB Mailslot Protocol / A device that generates Broadcasts
- SMPP (Short Message Peer to Peer protocol) / Graph SMS usage – finding SMS messages sent by a specific subscriber
- SMS messages
- by specific subscriber, graphing / Graph SMS usage – finding SMS messages sent by a specific subscriber
- SMTP
- about / Analyzing e-mail traffic and troubleshooting e-mail problems – POP, IMAP, and SMTP, SMTP communications
- status codes, URL / SMTP communications
- status codes / SMTP and SMTP error codes (RFC3463)
- SNMP platform / SNMP platforms
- SNMP tools / SNMP tools
- Socket Layer/Transport Layer Security (SSL/TLS)
- SolarWinds
- URL / SNMP platforms
- Solarwinds
- URL / SNMP tools
- SolarWinds Engineering toolset
- URL / SNMP tools
- source and destination ports / How it works...
- SPAN (Switched Port Analyzer) / See also
- Spanning Tree Problems
- about / Spanning Tree Problems
- SPOOLS / How it works...
- src host <host> filter / Getting ready
- src net <net> filter / Getting ready
- src net <net> mask <netmask> filter / Getting ready
- src port <port> filter / Getting ready
- start window
- configuring / Configuring the start window, Getting ready
- main toolbar / Main Toolbar
- display filter toolbar / Display Filter Toolbar
- status bar / Status Bar
- statistics menu
- Summary tool, using from / Using the Summary tool from the Statistics menu, How to do it..., How it works...
- Protocol Hierarchy tool, using from / Using the Protocol Hierarchy tool from the Statistics menu, How to do it..., There's more...
- Conversations tool, using from / Using the Conversations tool from the Statistics menu, How to do it...
- Endpoints tool, using from / Using the Endpoints tool from the Statistics menu, How to do it..., How it works...
- HTTP tool, using from / Using the HTTP tool from the Statistics menu, How to do it...
- statistics tool
- about / Introduction
- using / Introduction
- status bar
- about / Status Bar
- status codes
- about / Status codes
- URL / Status codes
- storm-control action {shutdown | trap} command / There's more…
- STP
- analyzing / Analyzing Spanning Tree Protocols, Getting ready
- about / Analyzing Spanning Tree Protocols
- version types / Which STP version is running on the network?
- topology change / Are there too many topology changes?
- working / How it works...
- frame fields / How it works...
- port states / Port states
- package examples / There's more…
- STP frame, fields
- Protocol ID / How it works...
- Version / How it works...
- Message Type / How it works...
- flags / How it works...
- Root Path Cost / How it works...
- Bridge ID / How it works...
- Port ID / How it works...
- Message Age / How it works...
- Max. Time / How it works...
- Hello Time / How it works...
- Forward Delay / How it works...
- string calculator
- URL / See also
- substring operator filters
- configuring / Configuring substring operator filters
- success codes / Success codes, 2xx codes – success
- SUM (*) / Getting ready
- Summary tool
- using, from statistics menu / Using the Summary tool from the Statistics menu, How to do it..., There's more...
- Summary window / How to do it..., There's more...
- switch monitoring
- URL / See also
- SYN / How it works…
- Synchronization source (SSRC) / RTP principles of operation
- Synchronous Digital Hierarchy (SDH) / There's more...
- Synchronous Optical Network (SONet) / There's more...
- Syslog
- URL / Syslog
T
- TAPs / Monitoring a router
- TCP
- configuring / Configuring TCP and UDP
- about / Introduction
- configuration / Configuring TCP and UDP preferences for troubleshooting, TCP parameters, How it works...
- parameters / TCP parameters
- connection issues / TCP connection problems, Getting ready, How to do it..., How it works...
- retransmission / TCP retransmission – where do they come from and why
- retransmission to multiple destinations / Case 1 – retransmissions to many destinations
- retransmission, on single connection / Case 2 – retransmissions on a single connection
- retransmission, patterns / Case 3 – retransmission patterns
- retransmission, due to non-responsive application / Case 4 – retransmission due to a non-responsive application
- retransmission, due to delayed variations / Case 5 – retransmission due to delayed variations
- Sequence/Acknowledge mechanism / Regular operation of the TCP Sequence/Acknowledge mechanism
- retransmissions / What are TCP retransmissions and what do they cause, There's more...
- out-of order packet events / TCP out-of-order packet events, When will it happen?, How it works...
- Zero Window / TCP Zero Window, Zero Window Probe, and Zero Window Violation
- Zero Window Probe / TCP Zero Window, Zero Window Probe, and Zero Window Violation
- Window Update / TCP Window Update
- Window Full / TCP Window Full
- Sliding Window mechanism / How it works...
- resets / TCP resets and why they happen, How to do it...
- resets, issues / Cases in which reset can indicate a problem
- tcp.analysis / Getting ready
- tcp.analysis.duplicate_ack / Getting ready
- tcp.analysis.retransmission / Getting ready
- tcp.analysis.retransmissions / Measuring application throughput
- tcp.analysis.zero_window / Getting ready, Measuring application throughput
- tcp.dstport == <value> / Getting ready
- tcp.flags / Getting ready
- tcp.flags.fin == 1 / Getting ready
- tcp.flags.reset == 1 / Getting ready
- tcp.port == <value> / Getting ready
- tcp.srcport == <value> / Getting ready
- tcp.streameq 2 / Measuring application throughput
- tcp.window_size_value < <value> / Getting ready
- TCP/IP Guide
- URL / Books
- TCP/UDP filters
- configuring / Configuring TCP/UDP filters, Getting ready, How to do it..., How it works...
- TCP attacks
- discovering / Locating smart TCP attacks, How to do it..., There's more...
- TCP conversations statistics
- TCP destination statistics
- retrieving / How to do it...
- tcp dst portrange <p1>-<p2> or udp src portrange <p1>-<p2> filter / Getting ready
- tcpdump
- TCP filters
- types, example / How to do it...
- TCP flows
- viewing, Flow Graph configured for / Configuring Flow Graph for viewing TCP flows, How it works...
- TCP packet
- source and destination ports / How it works...
- sequence number field / How it works...
- acknowledgement number field / How it works...
- header length field / How it works...
- res field / How it works...
- flags field / How it works...
- Rcvr window size field / How it works...
- checksum field / How it works...
- options field / How it works...
- TCP port filter
- configuring / Configuring TCP/UDP and port filters, How to do it..., How it works…
- tcp portrange <p1>-<p2> or udp portrange <p1>-<p2> filter / Getting ready
- TCP retransmissions
- in stream, monitoring / How to monitor the number of TCP retransmissions in a stream
- tcp src portrange <p1>-<p2> or udp src portrange <p1>-<p2> filter / Getting ready
- TCP stream / How to do it...
- TCP SYN/Port scans
- discovering / Discovering ICMP and TCP SYN/Port scans, How to do it..., How it works..., See also
- TEARDOWN command / There's more...
- telephony and multimedia analysis / Getting ready, How to do it..., How it works..., There's more...
- throughput
- about / How it works...
- measuring, per application over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- measuring, per user over network connection / Measuring bandwidth and throughput per user and per application over a network connection, How to do it..., See also
- Throughput Graph window
- TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Throughput Graph window, How it works...
- Throughput measurements
- with IO Graph / Throughput measurements with IO Graph, Getting ready
- between end devices / Measuring throughput between end devices
- about / Measuring application throughput
- Time-Sequence (Stevens) window
- TCP stream graphs, retrieving / Getting ready, How to do it..., There's more...
- Time-Sequence (tcp-trace) window
- TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Time-Sequence (tcp-trace) window, How to do it..., How it works...
- time format
- configuring / Getting ready, How to do it...
- timestamp / RTP principles of operation
- Timestamps options (TSopt) / How it works...
- Time to live (TTL) / How it works...
- TLL / How it works...
- toolbars
- configuring / Configuring toolbars
- using / There's more...
- Top Level Domain servers (TLDs)
- URL / DNS namespace
- total bandwidth
- measuring, on communication link / Measuring total bandwidth on a communication link, Getting ready, How to do it..., How it works..., There's more...
- TRACE / HTTP methods
- Transport Layer Security (TLS) / Colorizing the packet list
- TTL
- about / How it works...
- TTL field / There's more...
- Type Of Service (ToS) / Configuring of IPv4 and IPv6 Preferences
- Type of Service (ToS) / How it works...
- type qualifiers / How it works...
U
- UDP
- configuring / Configuring TCP and UDP
- about / Introduction
- configuration / Getting ready, UDP parameters
- parameters / UDP parameters
- udp.dstport == <value> / Getting ready
- udp.port == <value> / Getting ready
- udp.srcport == <value> / Getting ready
- UDP conversations statistics
- UDP destination statistics
- retrieving / How to do it...
- UDP port filter
- configuring / Configuring TCP/UDP and port filters, How it works…
- unexpected_message / How to do it...
- unknown_ca / How to do it...
- unsupported_certificate / How to do it...
- unusual traffic patterns
- upper layer / How it works...
- User Agent (UA)
- about / How to do it...
- User Agent Client (UAC) / How it works...
- User Agents (UAs) / Analyzing SIP connectivity
- User Agent Server (UAS) / How it works...
- user interface
- configuring, in preferences menu / Configuring the user interface in the Preferences menu, How to do it...
- user_canceled / How to do it...
- UTC Date and Time of Day / How to do it...
V
- value pane / Choosing from the filters menu
- ver / How it works...
- Version (V) / RTP principles of operation
- video and surveillance applications
- scenarios, troubleshooting / Troubleshooting scenarios for video and surveillance applications, How to do it..., How it works...
- video conferencing applications
- scenarios, troubleshooting / Troubleshooting scenarios for video conferencing applications, How to do it...
- viruses / How it works...
- VLAN
- about / Analyzing VLANs and VLAN tagging issues
- internal traffic, analyzing / Monitoring traffic inside a VLAN
- vlan <vlan_id> filter / Getting ready
- VLAN tagged port
- tagged frames, viewing through / Viewing tagged frames going through a VLAN tagged port, How it works..., There's more…
- VLAN tagging issues
- analyzing / Getting ready
- VRFs
W
- WAF
- URL / See also
- warning events
- warnings tab / How to do it...
- Web Application Firewalls (WAF) / Getting ready, There's more...
- Web Filters
- about / There's more...
- URL / See also
- Websense
- URL / See also
- WIFi Locator / How to do it…
- WildPackets OmniPeak
- URL / Network analysers
- Window Full, TCP
- about / TCP Window Full
- Window Scaling Graph window
- TCP stream graphs, retrieving / Getting information through TCP stream graphs – the Window Scaling Graph window, How to do it..., There's more...
- Windows Size (WSopt) / How it works...
- Window Update, TCP
- about / TCP Window Update
- WinPcap
- URL / See also
- WinPCap (Windows capture driver)
- URL / Useful Wireshark links
- Wireless LAN (Wi-Fi) / Analyzing wireless (Wi-Fi) problems
- Wireless LAN (Wi-Fi) problems
- analyzing / Analyzing wireless (Wi-Fi) problems, How to do it…
- Wireless LAN standards
- working / How it works…
- Wireshark
- locating / Locating Wireshark, How to do it...
- updated version, URL / Getting ready
- stable release, URL / Getting ready
- server, monitoring / Monitoring a server
- router, monitoring / Monitoring a router
- firewall, monitoring / Monitoring a firewall
- capture of data, starting / Starting the capture of data, How to do it...
- start window, configuring / Configuring the start window, Getting ready
- time format, configuring / Using time values and summaries, How to do it...
- coloring rules, configuring / Configuring coloring rules and navigation techniques, Getting ready, How to do it...
- user interface in preferences menu, configuring / Configuring the user interface in the Preferences menu, How to do it...
- protocol preferences, configuring / Configuring protocol preferences, Getting ready
- statistics tool / Introduction
- Expert Infos window / How it works...
- for telephony / Using Wireshark's features for telephony and multimedia analysis, Getting ready, How to do it..., How it works...
- for multimedia analysis / Getting ready, How to do it..., How it works...
- used, for monitoring jitter / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
- used, for monitoring delay / Monitoring jitter and delay using Wireshark, How to do it..., How it works..., There's more...
- open source software, URL / Useful Wireshark links
- Wireshark$ Capture Filter window / How it works...
- Wireshark filter page
- URL / Interesting websites
- Wireshark filters
- URL / Interesting websites
- Wireshark links
- URL / Useful Wireshark links
- downloads page, URL / Useful Wireshark links
- learning page, URL / Useful Wireshark links
- worms / How it works...
X
- 1xx codes / 1xx codes – provisional/informational
- 2xx codes / 2xx codes – success
- 3xx codes / 3xx codes – redirection
- 4xx codes / 4xx codes – client error
- 5xx codes / 5xx codes – server error
- 6xx codes / 6xx codes – global failure
- X Axis
- configuring / X-Axis configuration
- XML Packet Details (*.pdml) / Saving data in various formats
- XML Packet Summary (*.psml) / Saving data in various formats
- Xplico
- URL / There's more..., Other stuff
Y
- Y Axis
- configuring / Y-Axis configuration
Z
- Zabbix
- URL / SNMP platforms
- Zero Window, TCP
- Zero Window Probe, TCP