Using Wireshark's Editcap to Reduce Your Trace File Size (by Tony Fortunato)

Local Search

LMT Authors

Casey Mullis
(Never Give Up)
Chris Greer
(Packet Pioneer)
Denny K Miu
(Man'ority Report)
Paul W. Smith
(Live Long and Prosper)
Tim O'Neill
(The Oldcommguy™)
Tony Fortunato
(The Technology Firm)

By Technology

« Sunday Buzz: Eight is Enough (by Denny K Miu) | Main | Setting the Foundation: What to Remember When Moving to 802.11n (Jay Botelho) »

July 25, 2011

Using Wireshark's Editcap to Reduce Your Trace File Size (by Tony Fortunato)

As much fun as capturing packets may be fun and exciting to the average analyst (that was sarcasm), many times I end up with large trace files that aren't manageable.

In this Video I explain how to use Wiresharks editcap command line utility to make your trace files smaller.

Enjoy

Continue reading other LoveMyTool posts by Tony Fortunato »

Posted in Open Source Tools, Protocol Analysis, Test & Measurement, Tony Fortunato | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e008d957708834015433de8a5b970c

Listed below are links to weblogs that reference Using Wireshark's Editcap to Reduce Your Trace File Size (by Tony Fortunato):

LoveMyTool - Open Community for Network Management and Monitoring

Protocol Analysis, Data Recorder, CALEA, Lawful Intercept, Application Performance, User Experience, Industrial Ethernet, Data Loss Prevention, Deep Packet Inspection, NetFlow, SOX, HIPAA and PCI Compliance, Switching and Routing, Forensics, VoIP, IPTV ... etc.

Local Search

Top 10 Posts

Recent Comments

LMT Authors

Recent Posts

By Technology

July 25, 2011

Using Wireshark's Editcap to Reduce Your Trace File Size (by Tony Fortunato)

TrackBack

Comments

LMT Advertisers

LMT Sponsors

News From LMT Sponsors