Wireshark 240: Profiles - fixedByVonnie

Do you want to be a Wireshark ninja?  All the pros know about profiles!

Wireshark profiles are what allow you to switch up the configuration on the fly.  You can have one configuration tweaked for network forensics and another configured for latency.  You can tune Wireshark to instantly change its behavior with a simple click of the mouse.  And it’s the profiles that make this happen!  You can have different columns, settings and features based on the specific task you’re using Wireshark for.

Let’s check it out.

Any changes made within a profile stay within that profile.

Powering up with Profiles

Let’s say we’re investigating a problem with network latency.  Users are complaining that an application is super slow and you need to figure out if the problem is endemic to the PCs, the network, or the server.  Let’s look at how we can create a specialized profile to focus our research.

There are three ways to create profiles in Wireshark:

  • Select the Edit menu and choose Configuration Profiles at the bottom of the screen
  • Press Shift + Ctrl + A
  • Click “Profile: Default” in the status bar sitting at the bottom of the Wireshark window

Highlight the existing profile, choose Copy and rename it.  Your profile copy includes everything from the version you copied, but any changes you make in your new profile will stay in your new profile.

So let’s tweak your new profile.

You may have noticed that the Time column displays the number of seconds since the first PDU.  To change this, go to View, pick Time Display Format and then Seconds since previous packet.

You’ll notice the values in the Time column have been adjusted to show the delta from the previous packet rather than from the first packet.

To switch to your other profile, right-click the Profile in the status bar and flip to your other profile.

Notice how the Time column returned to the way it was before!  That’s the beauty of profiles.
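Under the hood, each named profile is its own folder of settings files inside a profiles directory in Wireshark’s personal configuration folder, which is why a change made in one never leaks into another.  The Python sketch below is an added example, not code from the original post: it parses the `key: value` settings files and lists what differs between two profiles.  The folder names, the sample files and the `gui.time_format` values are constructed for illustration, so check them against your own profile folder.

```python
import tempfile
from pathlib import Path


def parse_settings(path):
    """Parse a Wireshark-style 'key: value' settings file into a dict.
    '#' lines are comments; indented lines continue the previous value."""
    settings, key = {}, None
    for line in Path(path).read_text(encoding="utf-8").splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            key = None                      # comments/blank lines end a value
        elif line[0] in " \t":
            if key is not None:             # continuation, e.g. a column list
                settings[key] = (settings[key] + " " + line.strip()).strip()
        elif ":" in line:
            key, _, value = line.partition(":")
            key = key.strip()
            settings[key] = value.strip()
    return settings


def diff_profiles(dir_a, dir_b, files=("preferences", "recent")):
    """Return {(file, key): (value_in_a, value_in_b)} for settings that differ."""
    changes = {}
    for name in files:
        a, b = (parse_settings(Path(d) / name) if (Path(d) / name).is_file() else {}
                for d in (dir_a, dir_b))
        for key in sorted(set(a) | set(b)):
            if a.get(key) != b.get(key):
                changes[(name, key)] = (a.get(key), b.get(key))
    return changes


def build_sample(root):
    """Write two constructed profile folders (sample data, not real Wireshark output)."""
    prefs = '# constructed sample\ngui.column.format: \n\t"No.", "%m",\n\t"Time", "%t"\n'
    for name, time_format in (("Forensics", "RELATIVE"), ("Latency", "DELTA")):
        folder = Path(root) / "profiles" / name
        folder.mkdir(parents=True)
        (folder / "preferences").write_text(prefs, encoding="utf-8")
        # Assumed key: the time display format as stored in the 'recent' file.
        (folder / "recent").write_text(f"gui.time_format: {time_format}\n", encoding="utf-8")
    return Path(root) / "profiles" / "Forensics", Path(root) / "profiles" / "Latency"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        forensics_dir, latency_dir = build_sample(tmp)
        for (name, key), (old, new) in diff_profiles(forensics_dir, latency_dir).items():
            print(f"{name}: {key}: {old!r} -> {new!r}")
```

Point `diff_profiles` at two real profile folders to see exactly which settings a copied profile has changed since you made it.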

That’s it.

In the next guide, I’ll show you how to use Wireshark to cure a slow network!

Stay tuned tomorrow.
