This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark capture

Hi, I have been given a Wireshark capture to find illegal communications. The packet count is 348,464 and most of the protocols are HTTP, DNS and TCP. What is the best way to filter through the capture to look for messages and communication?

Thank you

asked 21 Mar '17, 13:02

emma123

In this case, try to use NetworkMiner.

(21 Mar '17, 13:08) Christian_R

Hi, it says error opening PCAP file. The stream is not a PCAP file.

(21 Mar '17, 13:16) emma123