This is our old Q&A Site. Please post any new questions and answers at

Would it be feasible to have options to:

  1. Add HOSTS file information that will travel with the PCAP file as it is sent to vendors, etc.
  2. Or, an option to save the file with the current HOSTS file information
  3. Add Summary information on the problem.
  4. Obfuscate IP addresses for confidentiality reasons (modify HOSTS IP information (#1) accordingly)
  5. Add a user initiated record to mark events in a trace with timestamps and user comment
  6. Add a network trace analyst record to enable permanent highlighting of trace areas with comments

asked 14 Sep '10, 04:36

Gary's gravatar image

accept rate: 0%

edited 14 Sep '10, 10:06

Gerald%20Combs's gravatar image

Gerald Combs ♦♦

That's what pcap-ng envisions to provide. Wireshark only supports a limited subset of its features.

permanent link

answered 14 Sep '10, 04:51

Jaap's gravatar image

Jaap ♦
accept rate: 14%

Item 4 isn't a capture format issue - you'd want to obfuscate the actual raw packet data, regardless of the capture format. If Wireshark supported putting address-mapping information in pcap-ng captures, you'd also want to either map the obfuscated addresses to the real names or remove the address-mapping information.

(15 Sep '10, 17:02) Guy Harris ♦♦

Gary - you can check out pcap-ng information at

I think you have a great list going!

permanent link

answered 14 Sep '10, 08:19

lchappell's gravatar image

lchappell ♦
accept rate: 8%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 14 Sep '10, 04:36

question was seen: 5,357 times

last updated: 15 Sep '10, 17:02

p​o​w​e​r​e​d by O​S​Q​A