Hi,
You're welcome to join the club. :) Since you're already accustomed to network
analysis you might find it not to hard to use Wireshark.
If you want expert training have a look at Wireshark University.
Thanx,
Jaap
If you're looking for Wiresark training
Sheahan, John wrote:
Wow! the worked perfectly and quickly!
I'm impressed.
I have always been a proponent of using Sniffer Pro but that is only
because I know how to get around quickly in there due to previous
training.
It appears that Wireshark is alot more powerful once you know what
you're doing?
jack
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Gerald Combs
Sent: Friday, April 11, 2008 12:56 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Unanswered SYNs
Sheahan, John wrote:
My question is, is there some way that I could have used the wireshark
software to filter on unanswered SYNs and could have saved myself alot
of work?
The TCP dissector doesn't have a "tcp.analysis.dangling_syn" or
"tcp.analysis.handshake_progress" display filter field, although either
of those would arguably be pretty handy. You should be able to find
unanswered SYNs in a capture file here by selecting
"Statistics->Conversation List->TCP (IPv4 & IPv6)", then sorting by
"Packets A<-B". Unanswered SYNs will have zero packets in that column.
