Wireshark is a packet sniffer and analysis tool that can be resource intensive. To optimize packet capture, Lisa Bock covers some options, along with using CLI tools to capture traffic, and demonstrates using Netsh, a command line packet capture tool.
- [Instructor] Wireshark is software…that's a packet sniffer and analysis tool.…Because Wireshark has a rich graphical interface,…it may need additional processing…that might use CPU and GPU as well as memory over time.…This can lead to memory errors…and system performance issues.…Using Wireshark to capture packets…may have an unexpected drain on your system resources.…Wireshark and several other software packet analysis tools…are free and work with most operating systems.…
However, there are also some commercial sniffer products…that are more robust.…In addition, there are dedicated appliances…that are designed for optimal capture capture…and minimal packet loss.…Some things you can do to optimize packet capture…is when capturing during troubleshooting…or while baselining, quit any unnecessary programs.…You could also use a ring buffer…if you're simply monitoring for a certain type of traffic…but to really optimize packet capture,…you can use a command line interface tool.…
In Unix or Unix-like operating systems…
Author
Lisa Bock
Released
11/14/2018- Tapping into the network
- Baselining the network
- Troubleshooting to discover the cause of a slow network
- Merging traffic
- Sanitizing packet captures
- Capture engines
- Optimizing packet captures
- Basic and advanced IO graphs
- TCP stream graphs
Skill Level Intermediate
Duration
Views
-
Introduction
-
Enhance your skills1m 5s
-
-
1. Tapping into the Stream
-
Enhance your skills2m 7s
-
Network architecture6m 41s
-
Tap into the network4m 20s
-
Baselining the network5m 6s
-
Restrictions and limitations6m 45s
-
Challenge1m 21s
-
Solution4m 15s
-
-
2. Solving Network Problems
-
Network congestion3m 24s
-
Case study: Spotify4m 12s
-
Case study: Multicast3m 55s
-
Merging traffic3m 16s
-
Sanitizing packet captures3m 33s
-
-
3. Capture Engines and Wi-Fi
-
Capture engines4m 22s
-
Install Npcap4m 59s
-
IEEE 802.11 overview4m 47s
-
802.11 packet types5m 14s
-
-
4. Command Line Capture
-
Optimize packet captures5m 7s
-
tshark and dumpcap2m 33s
-
text2pcap and capinfos4m 3s
-
capinfos and editcap3m 13s
-
-
5. IO and Stream Graphs
-
Basic IO graphs5m 59s
-
Conversations and endpoints5m 42s
-
TCP stream graphs6m 46s
-
Advanced IO graphs4m 35s
-
-
Conclusion
-
What's next?1m 13s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Optimize packet captures