Amplification Attacks, SYN Floods, Ping Sweeps, Port Scans, Duplicate IP Addresses, Segment Gaps, ARP Request Storms, Extraneous Data …

Are they lurking in your capture files? Find out with Capture File Forensics version 4.0
apple.co/4onAVxD

#pcap #packetcapture #forensics #security #monitoring #Wireshark

Wireshark 4.6.0 Supports macOS pktap Metadata (PID, Process Name, etc.) – nuxx.net

I think I've worked out why my string matching in `iptables` hasn't been working.

When I do get it to log, it's reporting 64-byte packets for packets that Wireshark says are 78 bytes, because it's just reporting the IP packet size, not the full Ethernet frame size. And so my offsets have been out by an Ethernet header size that I assumed was included in the packet calculations.

Because it's IP Tables, of course 😑

#PacketCapture #Networking #SysAdminProblems

Just getting started with Wireshark?

Check out “Packet Capture 101” for a beginner-friendly intro to packet analysis! Taught by @packetjay, this session covers everything you need to know to get up and running with Wireshark.

https://www.youtube.com/watch?v=rWHWOat5_Xg

Want to learn live from experts? Join us at SharkFest'25 EUROPE for hands-on classes, networking, and all things packet analysis.

Don’t miss your chance to level up your network troubleshooting skills—visit https://sharkfest.wireshark.org for details!

#Wireshark #PacketCapture #sf25eu

26: Packet Capture 101 | Learn Wireshark @ SF22US

erspan(4) committed to -current

erspan(4): ERSPAN Type II collection

bpflogd(8) imported into -current

Released a new tool, packet-monkey:

https://github.com/timb-machine/packet-monkey

Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters. I use it for layer 2/3 traffic analysis on engagements.

#tool, #code, #packetcapture, #trafficanalysis, #wireshark