CloudShark

Tagged: Wireshark

Monday, Aug 6, 2018

Getting started with packet analysis

There’s three questions we get asked the most here at CloudShark: How do I capture packets and get them into CloudShark? Where can I find example packet captures? Where do I start with packet capture analysis? That last question is very important to us, because one of the things we always want to promote is demystifying the use of packet captures to troubleshoot network and security problems. They are really are the best way, and with the right tools and knowledge they can be your first go-to.

Read the whole entry »


Tuesday, Jun 5, 2018

Using filters for navigation and sharing

CloudShark’s display filters are 100% compatible with the Wireshark filters used in packet analysis. With CloudShark, they present a new opportunity for use when sharing your captures with colleagues in order to both present the view you are looking at, or to help navigate to a section of the capture you want them to see. Here’s some tricks we use when getting around town in CloudShark. Filter based on capture content If you know there’s something in the capture you’re looking for immediately, and you want others to see what you’re thinking, you can use the filter ‘frame contains’ to search for a literal string that exists in the capture.

Read the whole entry »


Tuesday, May 29, 2018

What are some easy to use packet capture tools?

A common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used. tshark About ring buffers CloudShark is made to work with capture files directly.

Read the whole entry »


Wednesday, Oct 25, 2017

Where can I find sample packet captures?

CloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But, one of the most frequent questions we get is “Where can I find sample packet captures?“” Here’s our favorite resources for finding sample packet captures of various protocols and scenarios: Packetlife.net Jeremy Stretch runs the blog packetlife.

Read the whole entry »


Thursday, Nov 6, 2014

Webinar - Packet Capture and Analysis in Wireless Networks

Watch the video. Wireless networks are the most ubiquitous type of network modern IT departments need to deal with. There are many tools for troubleshooting them, but what happens when you need to go to the packet level? How do you capture at the point you need, and how do you get those captures to a place you can analyze them? Join the CloudShark team as we show you:

Read the whole entry »


Friday, May 2, 2014

Five Reasons to Move to the Pcapng Capture Format

The pcap capture file format has been the universal packet capture format since the early days of computer networking. Almost all capture tools support the pcap format. And while vendors have created new formats over the years, most tools support conversion into the pcap format. While pcap continues to be used today, it does have some limitations that make other formats more attractive. A new format called “pcapng” has been under development for a number of years.

Read the whole entry »


Thursday, Nov 7, 2013

Easily Adding Custom Dissectors to CloudShark

It’s no secret that CloudShark uses tshark to generate the data we use in the CloudShark database, resulting in what you see when you view a capture in the CloudShark viewer. CloudShark sorts and caches this information to make it faster and easier for you to get to the information you need, when you need it. The added advantage of using tshark is that all of the most recent dissectors published in the latest versions of Wireshark can be used in CloudShark immediately without any additional work.

Read the whole entry »


Tuesday, Sep 17, 2013

Wireshark Preferences File and RTP Streams

CloudShark 1.9 includes the ability to visualize RTP streams and play them back if they contain audio. For SIP calls, CloudShark will automatically decode the conversation as an RTP stream. However, for other protocols RTP will generally use a random port - not immediately apparent to CloudShark. You can easily work around this using CloudShark’s “decode as” feature, which tells CloudShark to treat data on a given port as a particular protocol of your choice.

Read the whole entry »


Wednesday, Jun 6, 2012

Search for *anything* in a capture - did you know?

The great thing about CloudShark’s capture decode is that it supports all of the standard Wireshark display filters. You may know the common ones, such as searching on ip address or tcp port, or even protocol; but did you know you can search for any ASCII or Hex values in any field throughout the capture? It’s true. The “frame contains” filter will let you pick out only those packets that contain a sequence of any ASCII or Hex value that you specify.

Read the whole entry »


Tuesday, Jan 31, 2012

WireShark Plug-in is Launched!

We’re happy to announce that the CloudShark plug-in for WireShark has been released! Download now and start securing, viewing, and sharing your WireShark captures as they are produced. Or, view our demo video to get a look at the plug-in in action. Happy packet surfing!

Read the whole entry »


About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: