The magic part is that you can also do dynamic matching. That’s something that everyone who ever used with Wireshark knows really well. You can see how this looks like in the GUI in the following screenshot. For example, to find all the communication of source IP address 192.169.1.140 the filter would look like this. We all know that in the filter bar of Wireshark we can write a simple filter based on the source IP address. The idea is to have a button in Wireshark‘s GUI that you can click when you have selected a frame for a source IP you are interested in, and it will dynamically create a filter to show you only the frames that are related to this IP address. Yesterday I learned a super useful trick for Wireshark.
0 kommentar(er)
