Wireshark · Wireshark-users: [Wireshark-users] number of peers per endpoint?

Wireshark-users: [Wireshark-users] number of peers per endpoint?

From: Anne Blankert <anne.blankert@xxxxxxxxx>

Date: Thu, 13 Mar 2014 15:58:33 +0100

Hello List,

For network troubleshooting, I often I use the statistics->conversationsoverview.

However, one type of network problem are endpoints that are misbehavingby connecting to many different peers (scanners, worms, peer-to-peergotten out of hand etc.). These endpoints may not be generating muchtraffic, but they are creating many sessions and they are suspicious bythe nature of their behaviour..

Does Wireshark provide an easy way to get the number of peers perendpoint, preferably sortable by number of peers?


If not:

In the overview statitistics->endpoints, I was looking for a column#of_peers or something like that. But there is no such column. Should beeasy to calculate I think? Could this be a new feature to request? Forethernet it could show the number of ethernet peers per MAC, for ipv4the number of ipv4 peers per ipv4, voor tcp, the number of tcp-sessions,etc.


Anne Blankert

Prev by Date: [Wireshark-users] save tcpstream with colours?
Next by Date: Re: [Wireshark-users] RTP tracing problem
Previous by thread: [Wireshark-users] save tcpstream with colours?
Next by thread: Re: [Wireshark-users] number of peers per endpoint?
Index(es):
- Date
- Thread