Hi, I have been given a wireshark capture to find illegal communications the packet count is 348,464 and most of the protocols are http,dns and tcp what is the best way to filter through the capture to look for messages and communication? Thank you asked 21 Mar '17, 13:02  emma123 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
In this case try to use networkminer.
Hi, it says error opening PCAP file. The stream is not a PCAP file.