Packet Filtering Capture Filters This type of filter is used to save only a specific part of the traffic. It is set before capturing traffic and not changeable during the capture. Display Filters This type of filter is used to investigate packets by reducing the number of visible packets, and it is changeable during the … Read more
Link to the TryHackMe room Statistics – Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic, available protocols, endpoints and conversations, and some protocol-specific details like DHCP, DNS and HTTP/2. For a security analyst, it is crucial to know … Read more
Filter by IP address: displays all traffic from IP, be it source or destination ip.addr == 192.168.1.1 Filter by source address: display traffic only from IP source ip.src == 192.168.0.1 Filter by destination: display traffic only form IP destination ip.dst == 192.168.0.1 Filter by IP subnet: display traffic from subnet, be it source or destination … Read more