July, 2009

  • TCP Data Fields and Properties

    Fields: TCP.Port - Filters on the Source or Destination port. Used to find traffic based on port which is often associated with an application. TCP.Port==80 // filters on the default port for HTTP traffic. TCP.Flags.Reset - Can be used to...
  • SMB Data Fields and Properties

    Properties: Property.SMBFileID - The File ID for any kind of SMB request property.SMBFileID==0x4000 Property.SMBFileName - The file name for an SMB request. This might also represent state information so frame data does not have to exist for...