Wireshark Cheat Sheet: Difference between revisions
Created page with "=== Default Columns In a Packet Capture Output === {| class="wikitable" !NAME !DESCRIPTION |- |No. |Frame number from the beginning of the packet capture |- |Time |Seconds from the first frame |- |Source (src) |Source address, commonly an IPv4, IPv6 or Ethernet address |- |Destination (dst) |Destination address |- |Protocol |Protocol used in the Ethernet frame, IP packet, or TC segment |- |Length |Length of the frame in bytes |} === Logical Operators === {| class="wikit..." |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 276: | Line 276: | ||
!DESCRIPTION | !DESCRIPTION | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 1.png]] | ||
|Start | |Start | ||
|Capture → Start | |Capture → Start | ||
|Uses the same packet capturing options as the previous session, or uses defaults if no options were set | |Uses the same packet capturing options as the previous session, or uses defaults if no options were set | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 2.png]] | ||
|Stop | |Stop | ||
|Capture → Stop | |Capture → Stop | ||
|Stops currently active capture | |Stops currently active capture | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 3.png]] | ||
|Restart | |Restart | ||
|Capture → Restart | |Capture → Restart | ||
|Restart active capture session | |Restart active capture session | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 4.png]] | ||
|Options… | |Options… | ||
|Capture → Options… | |Capture → Options… | ||
|Opens “Capture Options” dialog box | |Opens “Capture Options” dialog box | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 5.png]] | ||
|Open… | |Open… | ||
|File →open… | |File →open… | ||
|Opens “File open” dialog box to load a capture for viewing | |Opens “File open” dialog box to load a capture for viewing | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 6.png]] | ||
|Save As… | |Save As… | ||
|File → Save As… | |File → Save As… | ||
|Save current capture file | |Save current capture file | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 7.png]] | ||
|Close | |Close | ||
|File →Close | |File →Close | ||
|Close current capture file | |Close current capture file | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 8.png]] | ||
|Reload | |Reload | ||
|View → Reload | |View → Reload | ||
|Reload current capture file | |Reload current capture file | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 9.png]] | ||
|Find Packet… | |Find Packet… | ||
|Edit →Find Packet… | |Edit →Find Packet… | ||
|Find packet based on different criteria | |Find packet based on different criteria | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 10.png]] | ||
|Go Back | |Go Back | ||
|Go → Go back | |Go → Go back | ||
|Jump back in the packet history | |Jump back in the packet history | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 11.png]] | ||
|Go Forward | |Go Forward | ||
|Go → Go Forward | |Go → Go Forward | ||
|Jump forward in the packet history | |Jump forward in the packet history | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 12.png]] | ||
|Go to Packet… | |Go to Packet… | ||
|Go → Go to Packet… | |Go → Go to Packet… | ||
|Go to specific packet | |Go to specific packet | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 13.png]] | ||
|Go to First Packet | |Go to First Packet | ||
|Go → Go to First Packet | |Go → Go to First Packet | ||
|Jump to first packet of the capture file | |Jump to first packet of the capture file | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 14.png]] | ||
|Go to last Packet | |Go to last Packet | ||
|Go → Go to last Packet | |Go → Go to last Packet | ||
|Jump to last packet of the capture file | |Jump to last packet of the capture file | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 15.png]] | ||
|Auto Scroll in Live Capture | |Auto Scroll in Live Capture | ||
|View → Auto Scroll in Live Capture | |View → Auto Scroll in Live Capture | ||
|Auto scroll packet list during live capture | |Auto scroll packet list during live capture | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 16.png]] | ||
|Colorize | |Colorize | ||
|View → Colorize | |View → Colorize | ||
|Colorize the packet list (or not) | |Colorize the packet list (or not) | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 17.png]] | ||
|Zoom In | |Zoom In | ||
|View → Zoom In | |View → Zoom In | ||
|Zoom into the packet data (increase the font size) | |Zoom into the packet data (increase the font size) | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 18.png]] | ||
|Zoom Out | |Zoom Out | ||
|View → Zoom Out | |View → Zoom Out | ||
|Zoom out of the packet data (decrease the font size) | |Zoom out of the packet data (decrease the font size) | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 19.png]] | ||
|Normal Size | |Normal Size | ||
|View → Normal Size | |View → Normal Size | ||
|Set zoom level back to 100% | |Set zoom level back to 100% | ||
|- | |- | ||
| | |[[File:Wireshark cheat sheet 20.png]] | ||
|Resize Columns | |Resize Columns | ||
|View → Resize Columns | |View → Resize Columns | ||