Wireshark-dev: Re: [Wireshark-dev] Feedback: Wireshark User's Guide
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Brian Drab <BrianD@xxxxxxxxxxxxxxxxxx>
Date: Sun, 17 Sep 2006 22:37:50 -0400

 

Hi Ulf –

 

I couldn’t figure out how to keep this reply a part of the original thread but I wanted to answer your question.

 

As a user, I have read the user guide completely twice. I was hoping that the 2nd time around would make it easier. I don’t know that I can tell you what is missing however I can tell you what types of questions remain vague even after reading the manual twice, the entire WIKI twice and some threads on Google. Maybe this will help.

 

  1. As you mentioned, what exactly to look for after a capture is complete (how to analyze it). Oh I can capture traffic but analyzing it is a different story.
  2. I would ask myself what are some really good examples of when I would/could use this tool? Some scenarios would be fantastic. For example….users are calling you telling you that your internet connection is crawling. I need to find out why. Could this help? Where exactly would I capture the traffic from? The web server? The Cable Modem? My machine? I have read on the WIKI about “switched networks” and how certain switches can be configured to flow all traffic through a port, etc. But what I’m confused on is “Isn’t every business on a switched network”? It struck me odd that capturing traffic on a switched network wasn’t part of the manual. This made me think that maybe at my company I’m not on a switched network??

    I was setting up a Wake on LAN at our company and was trying to troubleshoot why certain machines didn’t work. I met all the requirements…a PCI 2.1 compliant motherboard, a WOL capable network card, the WOL cable connected, BIOS enabled and updated, OS set properly, etc. So I figured I would try to use this tool to see what the Wake On LAN packet looked like going to a machine that worked and then one when it didn’t work to see if I could see a difference. Well I made the capture but couldn’t find anything (not really sure what to look for).

    Another one is a user is having a problem authenticating on our Domain and keeps getting locked out. Could this tool help in this situation and how?

  3. I downloaded many example captures but then I would say to myself, OK but what types of problems could I encounter where capturing these types of packets would be helpful???

 

I don’t know that this was helpful at all but I wanted to answer your question.

 

 

-----------------------------------------------------------------------------------------

 

Question:

 

I know that a general guide description how to analyze a capture file is currently missing (and potentially would be much larger than the current User's Guide itself).

 

Are there other things currently missing in the guide that have to be added? As a developer myself I'm maybe unaware of problems an "ordinary" user might have and missing topics that are just obvious to me.

 

Regards, ULFL