본문 바로가기
조회 수 955 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files
Wireshark settings for traffic analysis

People have their own favourite settings for wireshark. Here are my wireshark settings that I usually configure for traffic analysis.

1. Adding more fields for visibility
Go to Edit > Preferences, then add the following fields.
01.png

2. Disable relative seq number for TCP protocol
Go to Edit > Preferences > Protocols > TCP, then uncheck 'Relative sequence numbers'
02.png

3. Change time display format
03.png

4. Set Host info in HTTP header as column
: This is useful for HTTP analysis

4-1. start capturing
04.png

4-2. filter by http.request then pick the Host info and apply as column
05.png

4-3. now you get the host column as below
06.png


Title
List of Articles
번호 제목 글쓴이 날짜 조회 수
20 How to Decrypt SSL and TLS Traffic using Wireshark (test with sample file) file Hojung 2015.01.23 2269
19 자바스크립트 난독화 기법 / 분석 방법론 (정리예정) Hojung 2015.01.05 1298
18 Base64 encode/decode with OpenSSL Hojung 2015.01.04 1205
17 Convert ascii to hex and vice versa (hexdump, od, xxd, echo -e) Hojung 2015.01.04 922
16 Simple ruby script to de-obfuscate with XOR string Hojung 2015.01.01 585
15 Installing yara on CentOS and test with Ruby script Hojung 2014.12.31 1761
14 Installing Yara for ruby on Mac Hojung 2014.12.31 624
13 How to find the original email sender (check X-Originating-IP or Received headers) Hojung 2014.12.29 718
12 Links for FireEye Deployment Check Hojung 2014.12.11 2293
11 Get timezone info from system logs which is /var/log/messages Hojung 2014.12.07 636
10 Analysing NTPd logs file Hojung 2014.12.07 1285
9 Sguil with tcpreplay (Security Onion) file Hojung 2014.12.01 2084
» Wireshark settings for traffic analysis file Hojung 2014.11.29 955
7 Security Onion with Snort and Snorby (pulledpork and snort with offline pcap included) file Hojung 2014.11.24 3269
6 Snort on Ubuntu 14 (Barnyard2, PulledPork, BASE, Snort with pcap) file Hojung 2014.11.22 2948
5 How to install Snorby in Kali (snort) file Hojung 2014.11.21 7322
4 install geoiplookup on Mac Hojung 2014.08.06 2604
3 DDoS 공격대응 가이드 Hojung 2014.07.29 3696
2 DDoS 분석도구 설치 및 분석 (tcpdstat, ngrep, httpry) Hojung 2014.07.25 3166
1 Perl script to push samples to Virustotal Hojung 2014.02.20 1129
Board Pagination ‹ Prev 1 Next ›
/ 1

Designed by sketchbooks.co.kr / sketchbook5 board skin

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5