You’re missing the setup handshakes and termination tcp packets.
The unfortunate thing is that this filter isn’t showing the whole picture. You’ll notice that all the packets in the list show HTTP for the protocol. To display packets using the HTTP protocol you can enter the following filter in the Display Filter Toolbar: http is a good one because they have a very large site that loads a lot of information and (at the time of writing this) they have not switched to HTTPS, sadly. To start this analysis start your Wireshark capture and browse some HTTP sites (not HTTPS). Many people think the http filter is enough, but you end up missing the handshake and termination packets.
Filtering HTTP traffic in Wireshark is a fairly trivial task but it does require the use of a few different filters to get the whole picture.
0 kommentar(er)
