Follow Chris:

March 1, 2017

Troubleshooting with Wireshark - Filtering on Intra-Subnet Conversations

In most cases, clients are talking to servers to support services requested by users. We typically should not see clients communicating directly with other clients on our subnets, unless there is some file sharing or other type of expected activity.

In this video, we will look at how to filter for intra-subnet conversations - clients talking directly to other clients - and examine what normal vs. abnormal traffic looks like. We will see one client performing a TCP port scan and how to filter for open ports.

Hope this helps you in tracking down strange client behavior.

One comment on “Troubleshooting with Wireshark - Filtering on Intra-Subnet Conversations”

  1. Are you still available for troubleshooting assistance? Also, I would also like to request more information regarding training.

Leave a Reply

Your email address will not be published.

Packet Pioneer is devoted to helping engineers and developers of all experience levels gain comfort with packet analysis.
CONTACT US
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram