Wireshark-users: Re: [Wireshark-users] protocols to keep enabled?
Lee,

I have created multiple profiles depending on the situation I am in.
They gradually are changed as needed.

I recommend the use of profiles if you have different circumstances so you can enable or disable features where applicable and also make sure you have the most relevant information in your overview.

That in itself is an art that can save you valuable time when you use Wireshark a lot.



Hugo van der Kooij
network engineer

QSight IT

T : +31 15 888 0 345

F : +31 15 888 0 445
E : [email protected]
I : http://www.qsight.nl

Delft - Noord-Oost - Zuid
QSight IT Wintermarkt 13 december 2016
https://www.qsight.nl/evenementen/qsight-it-wintermarkt-2016

-----Oorspronkelijk bericht-----
Van: [email protected] [mailto:[email protected]] Namens Lee
Verzonden: Wednesday, 30 November, 2016 17:21
Aan: [email protected]
Onderwerp: [Wireshark-users] protocols to keep enabled?

Is there a write-up somewhere showing which protocols should be enabled for different scenarios?

I did a capture & the source picked tcp port 4556 for sending so wireshark decides it's "tcp bundle" protocol and displays much garbage.
Analyze / Enabled Protocols
remove the checkmark next to Bundle
click on Save

and garbage goes away :)   But while I was there I noticed about 500
lines of Bluetooth GATT protocols; I'm guessing that I'm not going to be looking at any bluetooth anything, so _way_ too many clicks later all that is turned off.  Any recommendations on what else should be turned off?

Thanks,
Lee
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <[email protected]>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:[email protected]?subject=unsubscribe