Reading PCAPs with Wireshark Statistics // Lesson 8 // Wireshark Tutorial

  71,509 views

Chris Greer

2 years ago

Protocol analysis is hard to do if we try to look at a pcap one packet at a time. In Wireshark, we can use the Statistics feature to get a high-level view of the conversations, protocols, and addressing in use in the traffic. Let's learn how to use this feature.
Download the sample trace file here:
www.cloudshark.org/captures/1...
(Select Export | Download to pull the trace down locally)
Please smash the like button to let me know if you enjoy this content!
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - bit.ly/udemywireshark
▶Getting Started with Nmap - bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
== Private Wireshark Training ==
Let's get in touch - packetpioneer.com/product/pri...

Comments: 71
@efrensagun9397 2 years ago
I love how this series is presented especially the duration of each lesson which only lasted below 9 mins, enough to cover the topic presented. Thanks for making these contents Chris. Super helpful.
@ChrisGreer 2 years ago
Thank you!
@Funnybone_FB 2 years ago
Cannot thank you enough for this, Chris. I am so grateful for these lessons and tutorials.
@edsonrocks 2 years ago
Brilliant Chris, as always. You make it look so easy 😅 Thank you
@Renan_PS-zt8lm 3 months ago
This is mindblowing, the most useful class for me by far.
@IchbinGigio 2 years ago
Man I've been learning so much with your videos. Thank you for this beautiful act of sharing all of this 🙏🏻👍🏻
@richardhyman6981 1 year ago
Another excellent lesson! You really have taken something rather intimidating and broken it down into bite-size, real world examples we can cut our teeth on! Thank you!
@ChrisGreer 1 year ago
Thanks for the comment again Richard. Really glad you like the content
@outerheaven01 2 years ago
I already use this as you have mentioned it in your previous content. This is super helpful. First thing I do when I open a trace. I'm not a network engineer but it helps me understand so much. Keep up the good content. Thanks Chris!
@ChrisGreer 2 years ago
Thanks!
@RicardoDiaz21129 7 months ago
As always, thank you so much Chris. Have learned so much from your videos!!
@soliid_snake_xx4113 1 year ago
Thank you Chris! Definitely subscribing. You DA MAN
@kosmonautofficial296 2 years ago
Great video Chris! These statistics recently helped me solve a problem, thank you!
@prasadshinde8271 2 years ago
This is really helpful Chris, thanks for creating the videos.
@RobertBesmonte 2 years ago
Thank you, Chris! I appreciate this kind of tutorials hope to see more from you so that we could be on your level ;)
@ChrisGreer 2 years ago
Thanks for the comment Robert!
@nms9352 2 years ago
Thanks, Chris! - as always, super helpful content and very well presented!
@ChrisGreer 2 years ago
Thanks for the comment!
@ptyspawnbinbash 2 years ago
Awesome videos and series, loving it! Thanks a lot for the effort you put into these videos. :)
@ChrisGreer 2 years ago
Glad you like them!
@amirahmed1404 2 years ago
This is helpful Chris. Thanks a lot.
@Black_Swan68761 2 years ago
Superb!! You are awesome. Amazing, another trick I learnt from this video. Millions of thanks to you.
@user-qb3co2jb9z 2 years ago
Thank you a lot for the lessons!!
@RajkumarNayak 2 years ago
Great stuff as always..
@user-ee7nw2kn6u 4 months ago
Thank you Chris, you make Wireshark very easy and network analysis easy.
@ChrisGreer 4 months ago
Thank you!!
@user-zc4nx5td2j 4 months ago
Thank you so much - just learning this and needed a quick overview of p-cap and you, just in this video, brought all the obscurity I have learned into something I get - I GOT IT!!! (I think haha). Thank you so much!!!
@domagoj19zg 2 years ago
thanks for creating these videos :)
@wagnerj01 1 year ago
As always, great job on this video. Thanks
@ChrisGreer 1 year ago
Glad you enjoyed it!
@kevinmckee6218 3 months ago
awesome video.
@Cyborg9799 1 year ago
Very good I learn tools on each class. WS users are empowered when they know how to use a tool.
@maxwellchessdotcom6952 2 years ago
Good stuff!
@breakingbisley 2 years ago
Hey Chris, thanks for the hard work, and lessons. I imagine this takes a lot of your time, I myself appreciate this. These lessons and the other videos are helping me understand networking on a higher concept (As I work with Palos and Fortigates), in which is helping me troubleshoot issues.
@ChrisGreer 2 years ago
I appreciate that!
@mariotpc 1 year ago
Thanks Chris ! Excellent lesson...!
@ChrisGreer 1 year ago
You are welcome! Thanks for watching.
@sandeepm625 2 years ago
nice content. very helpful
@workflowinmind 1 year ago
Man I've tried countless times to make sense of Wireshark (for years), I always was completely lost (although I'm supposedly quite technical) Thanks to this series it finally clicked! Thanks a lot
@ChrisGreer 1 year ago
Glad you found my channel!
@jaybay711 9 months ago
Great Video
@arghosinha1424 3 months ago
9m of pure Wireshark knowledge. 🤟
@ChrisGreer 3 months ago
Next time it will be 10 mins 😆
@judahtunes2245 1 year ago
Thanks Dude
@sri9277 2 years ago
Your explanation is super ❤️
@ChrisGreer 2 years ago
Glad you think so!
@romansovetskikh7902 1 year ago
Suitable set of lessons. Many thanks.
@ChrisGreer 1 year ago
Glad you liked it!
@Kennomie 2 years ago
nice explanation, keep it up please, thank you!
@ChrisGreer 2 years ago
Thanks, will do!
@ahmadmaherchemohdadib911 2 years ago
Thanks Chris! Love it. Before this, I used manually count! Hahaha..forgot Wireshark has features of statistics :)
@ChrisGreer 2 years ago
don't feel bad... I did too! Until someone showed me how to use Statistics better. Thanks for the comment and for stopping by the channel!
@jnelly3426 1 year ago
Good Stuff
@vyasG 2 years ago
Thank you so much for this video. Great content, and very useful. This series is too good, and your teaching style is one of the best - Easy to follow and you keep us focused! Appreciate your time and effort in doing this. I have a question - Regarding the values of each column, I see they are aligned to left, right or centre. Is it possible to change this, like make all the column values aligned to the centre?
@ChrisGreer 2 years ago
Hello Vyas, Thanks for the comment. For centering the columns... I have always just done it one column at a time, not all of them. I'll have to dig to see if there is a way we can do all of them. Good question!
@avihskshetrii 1 year ago
Finally the use of statistics ...easy to find out the fishy activities
@HomeDesign_Austin 6 months ago
great
@aeonarchery4539 1 year ago
Awesome thing to learn to become Packet dhakkan :P
@saianoop9515 8 months ago
Hey there, I am currently working on a project for a class that requires using Wireshark to analyze a pcap file. I am looking at 5 specific IP addresses and need to classify the devices as Apple, Android, or Windows as well as if it's a DNS server, router, printer, or modem. Are there any tricks to accomplish this? I am new to Wireshark.
@yourtube12345 1 year ago
can pls explain tshark as well
@raomohsin7617 1 year ago
Hi Chris, Could you please tell me what are these files 1.libnl-3.so.... 2.libnl-genl.so..... 3.libnl-route.so.... I'm getting error when I run Wireshark. libnl-route version information not found... Wireshark doesn't capture n/w traffic.
@ItsBigTexYall 2 years ago
Chris, I may be nitpicking Wireshark a little much here, but at 2:03, you're looking at Layer 2 conversations...why does Wireshark refer to that as Packets rather than Frames?
@danielmitroff1201 2 years ago
Hello Chris! I have a question. For example, we have a big pcap file with a lot of source IPs which communicate with some server in our infrastructure. How can I get statistics about packets per second for each src IP? Yes, I can take some IP and go to the input/output graph and check it here, but if we have hundreds or thousands of IPs, it is problematic to do that.
@ChrisGreer 2 years ago
Hi Daniel! So if you want to do this within the Wireshark GUI - you can go to Statistics // Conversations // IP. On the far right is Bits/s A->B and Bits/s B->A. That shows overall throughput for that conversation. We can also do this on the command line with tshark - go to your command line and use "tshark -q -z conv,ip -r input.pcap" without the quotes. That should generate the same stats for you, but on the command line.
@danielmitroff1201 2 years ago
@@ChrisGreer Thanx, but you are talking about Bits/s, when I need packets per second (pps).
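
Packets per second per source IP, as asked in the exchange above, can be computed from tshark's per-frame field output. This is an added example, not from the video or from any commenter; the sample lines are constructed, and `pps_per_source` and `top_talkers` are hypothetical helper names.

```python
from collections import defaultdict

# Constructed sample standing in for the output of:
#   tshark -r input.pcap -T fields -e frame.time_epoch -e ip.src
# (one "epoch<TAB>ip.src" line per frame; addresses are documentation ranges)
SAMPLE = """\
1700000100.000000\t192.0.2.10
1700000100.200000\t192.0.2.10
1700000100.400000\t192.0.2.10
1700000100.500000\t198.51.100.7
1700000100.600000\t192.0.2.10
1700000100.700000\t
1700000101.000000\t203.0.113.5,192.0.2.10
1700000101.100000\t192.0.2.10
1700000102.500000\t198.51.100.7
1700000104.000000\t192.0.2.10
"""

def pps_per_source(lines):
    """Return {src_ip: (packets, avg_pps, peak_pps)} from tshark field lines."""
    per_second = defaultdict(lambda: defaultdict(int))  # src -> whole second -> packets
    span = {}                                            # src -> [first_ts, last_ts]
    for line in lines:
        fields = line.rstrip("\r\n").split("\t")
        if len(fields) != 2 or not fields[1]:
            continue                    # ARP and other non-IP frames have no ip.src
        try:
            ts = float(fields[0])
        except ValueError:
            continue                    # skip malformed lines
        src = fields[1].split(",")[0]   # several ip.src values (ICMP errors, tunnels): keep the outer one
        per_second[src][int(ts)] += 1
        first_last = span.setdefault(src, [ts, ts])
        first_last[0] = min(first_last[0], ts)
        first_last[1] = max(first_last[1], ts)
    result = {}
    for src, seconds in per_second.items():
        packets = sum(seconds.values())
        duration = max(span[src][1] - span[src][0], 1.0)  # floor at 1 s to avoid dividing by zero
        result[src] = (packets, packets / duration, max(seconds.values()))
    return result

def top_talkers(stats, n=10):
    """Sources sorted by peak packets per second, highest first."""
    return sorted(stats, key=lambda s: stats[s][2], reverse=True)[:n]

if __name__ == "__main__":
    stats = pps_per_source(SAMPLE.splitlines())
    for src in top_talkers(stats):
        pkts, avg, peak = stats[src]
        print(f"{src:<15} packets={pkts:<4} avg_pps={avg:.2f} peak_pps={peak}")
```

On a real capture, pipe the tshark command from the comment into the script and pass `sys.stdin` to `pps_per_source`; the peak column is what separates a short burst from a steady talker with the same average.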
@majiddehbi9186 2 years ago
Hi Chris, I'm brand new here. I'm from North Africa. I take my CCNA very soon, so I hope this will be beneficial for me. Thx for your time.
@ChrisGreer 2 years ago
Hello Majid! I hope you get that CCNA!
@majiddehbi9186 2 years ago
@@ChrisGreer thx Chris and God bless u
@dopy8418 2 years ago
Graphs next ?
@aaronallen976 1 year ago
who is X.2.2?