Manualshelf

Quick Start Guide

ManualsBrandsWireshark ManualsSoftware$model.subName
11121314151617181920
Wireshark Quickstart Guide
15
A conversation report is similar to an endpoint report. A
conversation is defined as all of the traffic between two specific
endpoints. As an example, consider packets at the TCP level.
Let’s say that you started capturing packets and then went to
two web sites: www.cnn.com and www.usatoday.com . The
endpoint report on your web browser will combine all traffic
from your browser and both of these web sites. A conversation
report between your browser and the www.cnn.com site would
exclude the data from www.usatoday.com .
VI) Saving Captures
Wireshark also allows you to capture a set of packets and save it
to a file that can be opened later. In addition to the obvious uses,
this allows two unique capabilities.
Instructors may wish to save one capture file and
distribute it to all students. This allows instructors
to pose a set of questions on a consistent data set,
and to know that each student has appropriate data
to answer the questions.
In some circumstances, for example using a
wireless network connection, students may have
difficulty capturing packets. In these cases,
Wireshark will still be able to analyze packets from
saved files created on another platform or with other
tools. These students can capture a set of packets on
any accessible machine; save the captured packets;
and transfer the saved file to their personal machine
for analysis.