Reading PCAPs with Wireshark Statistics // Lesson 8 // Wireshark Tutorial

Рет қаралды 88,885

Күн бұрын

Protocol analysis is hard to do if we try to look at a pcap one packet at a time. In Wireshark we can use the Statistics feature to get a high level view of the conversations, protocols, and addressing in use in the traffic. Let's learn how to use this feature.
Download the sample trace file here:
www.cloudshark...
(Select Export | Download to pull the trace down locally)
Please smash the like button to let me know if you enjoy this content!
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - bit.ly/udemywi...
▶Getting Started with Nmap - bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtual...
== Private Wireshark Training ==
Let's get in touch - packetpioneer....

Пікірлер: 81

@PST_1414 Ай бұрын

I would like to thank you whole heatedly for making this series. i came in contact with you via Mr. David Bombal Series Videos. but your videos completely changed my way for working on Wireshark. Putting efforts from very beginning to use all filters, timers, delta time, DNS, Name Resolution everything was new to me. I am also in networking field. Just completed lesson 8, not finished whole series yet but couldn't resist myself to put a comment about your simplicity to make other understand things in simpler and easy manner. Keep it up chris.. Respect....🙏👍

@ChrisGreer Ай бұрын

Thank you so much for the kind comment! It really helps me stay motivated to make more content for you guys. I appreciate the positive vibes!

@efrensagun9397 2 жыл бұрын

I love how this series is presented especially the duration of each lesson which only lasted below 9 mins, enough to cover the topic presented. Thanks for making these contents Chris. Super helpful.

@ChrisGreer 2 жыл бұрын

Thank you!

@Renan_PS-zt8lm 11 ай бұрын

This is mindblowing, the most useful class for me by far.

@USAFretB52 2 жыл бұрын

Another excellent lesson! You really have taken something rather intimidating and broken it down into bite-size, real world examples we can cut our teeth on! Thank you!

@ChrisGreer 2 жыл бұрын

Thanks for the comment again Richard. Really glad you like the content

@workflowinmind Жыл бұрын

Man I've tried countless times to make sense of Wireshark (for years), I always was completely lost (although I'm supposedly quite technical) Thanks to this series it finally clicked! Thanks a lot

@ChrisGreer Жыл бұрын

Glad you found my channel!

@outerheaven01 3 жыл бұрын

I already use this as you have mentioned it in your previous content. This is super helpful. First thing I do when I open a trace. I'm not a network engineer but it helps me understand so much. Keep up the good content. Thanks Chris!

@ChrisGreer 3 жыл бұрын

Thanks!

@Funnybone_FB 2 жыл бұрын

Cannot thank you enough for this, Chris. I am so grateful for these lessons and tutorials.

@RyanZogheib 11 ай бұрын

thank you chris you make wireshark very easy and network analysis easy

@ChrisGreer 11 ай бұрын

Thank you!!

@edsonrocks 3 жыл бұрын

Brilliant Chris, as always. You make it look so easy 😅 Thank you

@NanookFieryArcticSkyy Жыл бұрын

Very good I learn tools on each class. WS users are empowered when they know how to use a tool.

@IchBinGigio 2 жыл бұрын

Man I've been learning so much with your videos. Thank you for this beautiful act of sharing all of this 🙏🏻👍🏻

@arghosinha 11 ай бұрын

9m of pure Wireshark knowledge. 🤟

@ChrisGreer 11 ай бұрын

Next time it will be 10 mins 😆

@bullet_echo_clips 4 ай бұрын

I’m definitely learning from you! Thanks for your effort to make these videos.

@Black_Swan68761 3 жыл бұрын

Superb!! you are awesome. Amazing, another trick i learnt from this video. Millions of Thanks to you.

@RicardoDiaz21129 Жыл бұрын

As always, thank you so much Chris. Have learned so much from your videos!!

@soliid_snake_xx4113 Жыл бұрын

Thank you Chris! Definitely subscribing. You DA MAN

@kosmonautofficial296 3 жыл бұрын

Great video Chris! These statistics recently helped me solve a problem, thank you!

@Afrodite-t8c 11 ай бұрын

Thank you so much-just leaning this and needed a quick overview of p-cap and you, jus tin this video, brought all the obscurity I have learned into something I get- I GOT IT!!! ( I think haha). Thank yo so much!!!

@RobertBesmonte 3 жыл бұрын

Thank you, Chris! I appreciate this kind of tutorials hope to see more from you so that we could be on your level ;)

@ChrisGreer 3 жыл бұрын

Thanks for the comment Robert!

@breakingbisley 3 жыл бұрын

Hey Chris, thanks for the hard work, and lessons. I imagine this takes a lot of your time, I myself appreciate this. These lessons and the other videos are helping me understand networking on a higher concept (As I work with Palos and Fortigates), in which is helping me troubleshoot issues.

@ChrisGreer 3 жыл бұрын

I appreciate that!

@ptyspawnbinbash 3 жыл бұрын

Awesome videos and series, loving it! Thanks a lot for the effort you put into these videos. :)

@ChrisGreer 3 жыл бұрын

Glad you like them!

@PapaManixs 3 жыл бұрын

Thanks, Chris! - as always, super helpful content and very well presented!

@ChrisGreer 3 жыл бұрын

Thanks for the comment!

@victorelgersma7845 2 ай бұрын

Incredible. Thank you!

@prasadshinde8271 3 жыл бұрын

This is really helpful chris, Thanks for creating the videos.

@mariotpc 2 жыл бұрын

Thanks Chris ! Excellent lesson...!

@ChrisGreer 2 жыл бұрын

You are welcome! Thanks for watching.

@wagnerj01 Жыл бұрын

As always, great job on this video. Thanks

@ChrisGreer Жыл бұрын

Glad you enjoyed it!

@amirahmed1404 3 жыл бұрын

This is helpful Chris. Thanks a lot.

@ahmadmaherchemohdadib911 3 жыл бұрын

Thanks Chris! Love it. Before this, I used manually count! Hahaha..forgot Wireshark has features of statistics :)

@ChrisGreer 3 жыл бұрын

don't feel bad... I did too! Until someone showed me how to use Statistics better. Thanks for the comment and for stopping by the channel!

@avihskshetrii Жыл бұрын

Finally the use of statistics ...easy to find out the fishy activities

@sri9277 3 жыл бұрын

Your explanation is super ❤️

@ChrisGreer 3 жыл бұрын

Glad you think so!

@maxwellchessdotcom6952 2 жыл бұрын

Good stuff!

@雨緑-q4t 3 жыл бұрын

Thank you a lot for the lessons!!

@aeonarchery4539 Жыл бұрын

awsome thing to learn to become Packet dhakkan :P

@RajkumarNayak 3 жыл бұрын

Great stuff as always..

@romansovetskikh7902 2 жыл бұрын

Suitale set of lessons. Many thanks.

@ChrisGreer 2 жыл бұрын

Glad you liked it!

@kevinmckee6218 10 ай бұрын

awesome video.

@sandeepm625 3 жыл бұрын

nice content. very helpful

@NguyễnLong-o1t Ай бұрын

thank you very much!

@JayQuan77 Жыл бұрын

Great Video

@domagoj19zg 3 жыл бұрын

thanks for creating these videos :)

@Kennomie 3 жыл бұрын

nice explanation, keep it up please, thank you!

@ChrisGreer 3 жыл бұрын

Thanks, will do!

@vyasG 3 жыл бұрын

Thank you so much for this video. Great content, and very useful. This series is too good, and your teaching style is one of the best - Easy to follow and you keep us focused! Appreciate your time and effort in doing this. I have a question - Regarding the values of each column, I see they are aligned to left, right or centre. Is it possible to change this, like make all the column values aligned to the centre?

@ChrisGreer 3 жыл бұрын

Hello Vyas, Thanks for the comment. For centering the columns... I have always just done it one column at a time, not all of them. I'll have to dig to see if there is a way we can do all of them. Good question!

@ItsBigTexYall 2 жыл бұрын

Chris, I may be nitpicking Wireshark a little much here, but at 2:03, you're looking at Layer 2 conversations...why does Wireshark refer to that as Packets rather than Frames?

@jnelly3426 Жыл бұрын

Good Stuff

@judahtunes2245 2 жыл бұрын

Thanks Dude

@raomohsin7617 2 жыл бұрын

Hi Chris, Could you please tell me what are these files 1.libnl-3.so.... 2.libnl-genl.so..... 3.libnl-route.so.... I'm getting error when I run Wireshark. libnl-route version information not found... Wireshark doesn't capture n/w traffic.

@saianoop9515 Жыл бұрын

Hey there, I am currently working on a project for a class that requires using Wireshark to analyze a pcap file. I am looking at 5 specific IP addresses and need to classify the devices as Apple, Android, or Window as well as if it's a DNS server, router, printer, or modem. Is there any tricks to accomplish this? I am new to Wireshark.

@yourtube12345 2 жыл бұрын

can pls explain tshark as well

@majiddehbi9186 3 жыл бұрын

hi chris i' m brand new here i m from north afric i take my CCNA very soon so I hope this will be benefic for me thx for u re time

@ChrisGreer 3 жыл бұрын

Hello Majid! I hope you get that CCNA!

@majiddehbi9186 3 жыл бұрын

@@ChrisGreer thx Chris and God bless u

@HomeDesign_Austin Жыл бұрын

great

@danielmitroff1201 3 жыл бұрын

Hello Chris! A have a question. For example, we have big pcap file with a lot of source IP which communicates with some server in our infrastructure. How can i get statistics about packet per second for each src Ip. Yes, i can take some Ip and go to input/output Graph and check it here, but if we have hundreds or thousands of ips, it problematic to do that.

@ChrisGreer 3 жыл бұрын

Hi Daniel! So if you want to do this within the Wireshark GUI - you can go to Statistics // Conversations // IP. On the far right is Bits/s A->B and Bits/s B->A. That shows overall throughput for that conversation. We can also do this on the command line with tshark - go to your command line and use "tshark -q -z conv,ip -r input.pcap" without the quotes. That should generate the same stats for you, but on the command line.

@danielmitroff1201 3 жыл бұрын

@@ChrisGreer Thanx, but you are talking about Bits/s , When I need Packets Per second (pps)