Building Customized Configuration Profiles
By Phill “Sherlock” Shade
I use Wireshark for practically every network- or security-related project that utilizes packets (frames) in some manner. Unfortunately, after nearly 30 years of working with networks, I have come to discover a single configuration that works for the multitude of infrastructure and application configurations, such as Ethernet, Wireless (WiFi), Voice and Video over IP, Security and Network Forensics, to name just a few.
Fortunately, Wireshark has a sometimes-overlooked feature that, when properly used, can help to minimize some of the confusion when switching troubleshooting and analysis focus: Customized Configuration Profiles.
- Determine which Wireshark profile you are currently using:
- Create a new configuration profile:
Note: As with most operations you want to perform within Wireshark, there are multiple ways to achieve the desired results.
Name your new configuration profile:
- Select and modify your newly created profile in accordance with your desired configuration and you are ready to go!
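The steps above use the GUI. As an added example (not part of the original post), the same result can be scripted, because Wireshark stores each profile as a folder of plain-text files under `profiles/` in its personal configuration directory. The profile name `Forensics`, the filter sets, and the Linux path in the closing comment are assumptions made for illustration.

```shell
#!/bin/sh
# Create a Wireshark configuration profile on disk.
# Usage: create_profile <personal-config-dir> <profile-name>
# Prints the path of the new profile directory on success.
create_profile() {
    cfg_dir=$1
    name=$2
    # Refuse names that would land outside the profiles directory.
    case $name in
        ''|*/*|.|..) echo "invalid profile name: $name" >&2; return 1 ;;
    esac
    profile_dir=$cfg_dir/profiles/$name
    # Never overwrite a profile that someone has already tuned.
    if [ -e "$profile_dir" ]; then
        echo "profile already exists: $profile_dir" >&2
        return 1
    fi
    mkdir -p "$profile_dir" || return 1

    # Saved display filters, one per line: "label" expression
    # (constructed sample set for a forensics-oriented profile).
    cat > "$profile_dir/dfilters" <<'EOF'
"TCP problems" tcp.analysis.flags && !tcp.analysis.window_update
"DNS failures" dns.flags.rcode != 0
"TLS handshakes" tls.handshake
EOF

    # Coloring rules: @name@filter@[foreground R,G,B][background R,G,B]
    # with 16-bit colour values (constructed sample set).
    cat > "$profile_dir/colorfilters" <<'EOF'
@TCP resets@tcp.flags.reset == 1@[65535,65535,65535][42148,0,0]
@DNS failures@dns.flags.rcode != 0@[0,0,0][65535,55512,0]
EOF
    printf '%s\n' "$profile_dir"
}

# Typical use on Linux (assumed default location; other platforms differ):
#   create_profile "${XDG_CONFIG_HOME:-$HOME/.config}/wireshark" Forensics
#   wireshark -C Forensics    # start Wireshark with that profile selected
```

Because a profile is just a directory, it can be kept in version control and copied between analysis workstations so that every analyst opens a capture with the same filters and coloring rules.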
I hope that you found this information useful! This technique and many others are covered in our class: “TCP/IP Analysis and Troubleshooting with Wireshark”. For additional information on this class and our numerous other offerings, please see our website: https://www.cybersecurityinstitute.eu/ and look under the Courses Menu.