Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Comment your Packet Captures - Extra! InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Comment your Packet Captures - Extra!

Published: 2018-01-29
Last Updated: 2018-01-29 07:29:36 UTC
by Didier Stevens (Version: 1)
0 comment(s)

Xavier has an excellent tip for Wireshark users: Comment your Packet Captures!

In his diary entry, Xavier advises you to add comments to individual packets.

 

You can also add a global comment to your capture file. Go to Statistics / Capture File Properties:

You can add a comment to the capture file in the displayed dialog box:

Of course, you need to use the pcapng file format to save comments. The pcap format does not support this:

 

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com

Keywords: comment wireshark
0 comment(s)
Diary Archives