Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Noob Questions

From: <Tim.Poth () bentley com>
Date: Wed, 13 Jan 2010 10:52:30 -0500
You can tell Wireshark to only capture x bytes, so lets say you only want to capture the first 100 bytes, this field 
would tell you Captures 100 but the full packet size was 1300 (or whatever it was) incase that is something you care 
about. Its also nice to use when someone limits a capture for you and doesn't tell you and none of the dissectors are 
making any sense...

If you go to Statistics, Conversations you can see the bytes listed (click around the tabs for different perspectives) 
If you need a nice graphs you should have a look at Pilot (http://www.cacetech.com/products/cace_pilot.html) it's a 
super cool tool written by Cace (the guys who do a lot of the work on Wireshark) its not free but very cool, or if you 
have a router, smart switch, ect in there you might want to try a monitoring program like cacti (http://www.cacti.net/)

Hope that helps



From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Collin D 
Wainscott
Sent: Tuesday, January 12, 2010 11:37 AM
To: wireshark-users () wireshark org
Subject: [Wireshark-users] Noob Questions

Hey Wireshark Users,

I am pretty new to understanding wireshark and need to know a few things for a project I am doing.  First off, what 
exactly does the line "x bytes on wire, x bytes captured" refer to?  Also I am looking for some confirmation on the 
direction of my project or advice.  I am trying to monitor exactly how much data is being sent to and from a specific 
IP address.  Would the previously mentioned line tell me this information?  If this is worded awkwardly, just tell me 
and I will try to specify what I am looking for.

Thanks and godspeed,
Collin Wainscott

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: