Wireshark features
Wireshark is loaded with some awesome features. Let's go through a few, though there are more.
Decode-As
The Decode-As feature allows Wireshark to decode the packet based on the selected protocol. Usually Wireshark will automatically identify and decode incoming packets based on the standard port—for example, port 443 will be decoded as SSL. If the services are running on the non-standard port, for example SSL standard port is 443 and the service is running on 4433, in this case the Decode-As feature can be used to decode this communication using the SSL protocol preference.
Open the sample https.pcap file from. HTTPS traffic is captured when the file is opened in Wireshark. It doesn't show SSL-related data; instead it just shows all TCP communications:
To decode this traffic as SSL, follow these steps:
- Click on Analyze | Decode As:
- The Decode As popup will appear as shown in the following screenshot. Choose the protocol (SSL in this example) that is required...
