Why do I see different data using the same capture file in two places?

There are a number of preference settings in Wireshark that can cause the information to be displayed differently. Some of the more common ones are:

If one of you has network name resolution on and the other one has it off, one of you will see DNS names and the other one will see IP addresses.

If one of you has transport name resolution on and the other one has it off, one of you will see TCP and UDP port names, the other one will see TCP and UDP port numbers.

If one of you has MAC name resolution on and the other one has it off, one of you will see the OUI portion of the MAC address as a friendly name, the other one will see only numerical MAC addresses.

If the two of you have your Time Display Format set differently, you will see different values in the Time column.

If one of you has added any custom columns, he will see information that the other one does not. If one of you has rearranged your display columns, he will see the information laid out differently.

If you have different settings for “Allow subdissector to reassemble TCP streams” the information will be presented differently.

If you have different coloring rules, your packets may be colored differently.

These are just a few. There are many preferences that can cause information to be displayed differently. If you’re both opening the same capture file, then you should both be seeing the same bits. It’s a matter of how the information is displayed.

As @multipleinterfaces asked, what differences are you seeing?

Maybe your local dns servers resolve ip addresses in the capture file to different names (RFC 1918 addresses). Disable name resolving and compare the results again.

Edit -> Preferences -> Name Resolution -> Enable network name resolution

Uncheck that option.

Regards
Kurt