This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.
0
1

Is wireshark included application layer attachment.Basically I want to ask is it attaching the information above the network layer ?

If it is so how to analyze it ?

Ultimately How do we come to know that there are other headers are attacked with packet on wireshark ?

asked 08 Sep '16, 07:18

avani%20badheka's gravatar image

avani badheka
11244
accept rate: 0%


Yes there is. Above the network layer (eg. IP) there are transport layer protocols which are dissected (eg. TCP, UDP, etc). Even layers above that are dissected (eg. SMB, FTP, HTTP, etc.), and in some cases even above that, allowing you to export objects and streams communicated with these protocols (eg. SMB, RTP voice, etc.). As soon as Wireshark knows about these protocols it tries to dissect them, given that dissection is properly configured. This varies per protocol and dissector.

In short, the higher you come in the network stack, the less complete Wireshark is. It main strengths lay in the lower layer protocols.

permanent link

answered 08 Sep '16, 09:42

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

thank you , Is there any probability that OS is going to attached some headers with packets ? like at kernel side is it attach some own headers ?

(11 Sep '16, 22:49) avani badheka
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×205
×100
×1

question asked: 08 Sep '16, 07:18

question was seen: 1,137 times

last updated: 11 Sep '16, 22:49

p​o​w​e​r​e​d by O​S​Q​A