Hi, I'm new to wireshark and have to use it to capture a ddos attack for an assignment. I have the captured traffic, but every time I try to open the graph it shows no data. I'm not sure what filters to use; I've tried all the ones I can think of, and I'm and still getting nothing coming up. All of the traffic captured is TCP protocol, hitting port 80. I have a TCP traffic filter, IP address (127.0.0.1), an all packets filter and a tcp.port == 80 || udp.port == 80. Pleeease help me if possible, I am about to put my fist through the laptop. Cheers asked 20 Jun '17, 01:39  C19 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
Which Wireshark version do you use? In 2.2.x (in my case, 2.2.7) you go
Statistics -> I/O graph, and if you haven't used the graph before, you should have there two active traces - one named "All packets" with no display filter, and another one named TCP Errors with display filtertcp.analysis.flags. If you have something else there, click one of the lines and press the [-] button until the list is empty, then close the graph and open it again. You should see at least the "all packets" line.Then, you can fill in the "display filter" field, press enter when the filter meets your needs, and then tick the checkbox next to the name as it unchecks after you change the filter.
Which of these steps does not work for you?