Lisa Bock demonstrates capinfos, which provides statistics about a capture file along with editcap, which can split a large trace file into multiple smaller files based on time or other options.
- [Instructor] When working with packet captures…there are a number of command line tools we can…use to manipulate the packet captures.…One is Capinfos, which provides statistics…about a capture file.…And there's also Editcap, and this works well…with Capinfos because it's able to split…a large trace file into multiple smaller files…along with a number of other editing functions.…I'm at the man page for Editcap at wireshark.org.…
And yes we can do a dash h and see all…the options, but you should become familiar…with all of the documentation Wireshark has to offer.…So as you can see, it tells us a little bit…about the switches that you can use…and how we can output these.…But let's take a look at an example.…I'm in the temporary folder that I created…under the c drive, and I have this capture Spotify.…Now here you can see how large that capture is.…
I'm in the command line interface and the first…thing I'll do is just run Capinfos and have it…tell me a little bit about the size of Spotify.…Now this is outputted to the screen and there…
Author
Lisa Bock
Released
11/14/2018- Tapping into the network
- Baselining the network
- Troubleshooting to discover the cause of a slow network
- Merging traffic
- Sanitizing packet captures
- Capture engines
- Optimizing packet captures
- Basic and advanced IO graphs
- TCP stream graphs
Skill Level Intermediate
Duration
Views
-
Introduction
-
Enhance your skills1m 5s
-
-
1. Tapping into the Stream
-
Enhance your skills2m 7s
-
Network architecture6m 41s
-
Tap into the network4m 20s
-
Baselining the network5m 6s
-
Restrictions and limitations6m 45s
-
Challenge1m 21s
-
Solution4m 15s
-
-
2. Solving Network Problems
-
Network congestion3m 24s
-
Case study: Spotify4m 12s
-
Case study: Multicast3m 55s
-
Merging traffic3m 16s
-
Sanitizing packet captures3m 33s
-
-
3. Capture Engines and Wi-Fi
-
Capture engines4m 22s
-
Install Npcap4m 59s
-
IEEE 802.11 overview4m 47s
-
802.11 packet types5m 14s
-
-
4. Command Line Capture
-
Optimize packet captures5m 7s
-
tshark and dumpcap2m 33s
-
text2pcap and capinfos4m 3s
-
capinfos and editcap3m 13s
-
-
5. IO and Stream Graphs
-
Basic IO graphs5m 59s
-
Conversations and endpoints5m 42s
-
TCP stream graphs6m 46s
-
Advanced IO graphs4m 35s
-
-
Conclusion
-
What's next?1m 13s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: capinfos and editcap