Chapter 7. Advanced Topics

Table of Contents

7.1. Introduction
7.2. Following TCP streams
7.2.1. The “Follow TCP Stream” dialog box
7.3. Show Packet Bytes
7.3.1. Decode as
7.3.2. Show as
7.4. Expert Information
7.4.1. Expert Info Entries
7.4.2. “Expert Info” dialog
7.4.3. “Colorized” Protocol Details Tree
7.4.4. “Expert” Packet List Column (optional)
7.5. Time Stamps
7.5.1. Wireshark internals
7.5.2. Capture file formats
7.5.3. Accuracy
7.6. Time Zones
7.6.1. Set your computer’s time correctly!
7.6.2. Wireshark and Time Zones
7.7. Packet Reassembly
7.7.1. What is it?
7.7.2. How Wireshark handles it
7.8. Name Resolution
7.8.1. Name Resolution drawbacks
7.8.2. Ethernet name resolution (MAC layer)
7.8.3. IP name resolution (network layer)
7.8.4. TCP/UDP port name resolution (transport layer)
7.8.5. VLAN ID resolution
7.9. Checksums
7.9.1. Wireshark checksum validation
7.9.2. Checksum offloading

7.1. Introduction

This chapter some of Wireshark’s advanced features.