Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] analysis filter result

From: Chris Maynard <Chris.Maynard@xxxxxxxxx>
Date: Tue, 8 Mar 2011 04:26:50 +0000 (UTC)
farizan <farizan.pjan@...> writes:

> can anyone help me to analysis tcp,udp,icmp and mac broadcast address result
that captured using wireshark?

You might start here: 
http://wiki.wireshark.org/InternetProtocolFamily
http://wiki.wireshark.org/Ethernet

Some relevant RFC's: 
UDP: http://tools.ietf.org/html/rfc768
ICMP: http://tools.ietf.org/html/rfc792
TCP: http://tools.ietf.org/html/rfc793

Some folks (among many others) that provide training:
http://www.wiresharktraining.com/

And Richard Stevens can probably help you too:
http://www.amazon.com/TCP-Illustrated-Vol-Addison-Wesley-Professional/dp/0201633469/ref=sr_1_1?ie=UTF8&qid=1299557516&sr=8-1