Wednesday, February 22, 2012

Packet trace analysis in Wireshark

  • Load the trace into wireshark.
  • Select the Statistics menu.
  • Click Endpoints.
  • In the box, turn off Name Resolution (the checkbox near the lower left corner).
  • For a list of all IP addresses choose the IPv4:# tab.
  • To sort by IP address click on the Address header.
  • To see a list of ports used by an address select the TCP or UDP tab. You can sort on Address or Port in this window.