Who’s In Charge Here? (and Why?) (by Paul W. Smith)
Wireshark: Using Configuration Profiles (by Joke Snelders)

Using Splitcap to Help Analyze Your Wireshark Trace Files (by Tony Fortunato)

I came across this really nifty little utility to help analyze your Wireshark tracefiles.

Splitpcap will use 1 trace file and create various trace files based on your criteria. 

For example you can ask splitpcap to create a trace file for all the ip addresses and tcp/udp conversations, or create a trace file for every ip address, plus a ton more.

I especially like the -y L7 switch that will extract the application data or payload and save it in a text file.  Just like Follow TCP or UDP Stream.




Continue reading other LoveMyTool posts by Tony Fortunato »