Laura ChappellTCP Sequence Number in ACK ScansDuring a recent class, I received a question related to ACK scans. "What Sequence Number would you see on the response to an ACK scan?"...
Laura ChappellIn the Wake of XZ - 3 Steps to Use Wireshark SecurelyThe discovery of malicious code in the XZ utils tarball has shaken up a lot of folks. XZ utils have been removed from Github and the...
Laura ChappellDetect Suspicious Traffic with "TCP Conversation Completeness"In my last blog entry, I explained how Wireshark calculates TCP Conversation Completeness based on the TCP flags and whether data is seen...
Laura ChappellWireshark v4 Profile TemplatesWhen Wireshark v4 was released, I received a number of emails complaining about the new layout (Packet Details side-by-side with Packet...