Archive for July, 2014

  1. Determining TCP Initial Round Trip Time

    I was sitting in the back in Landis TCP Reassembly talk at Sharkfest 2014 (working on my slides for my next talk) when at the end one of the attendees approached me and asked me to explain determining TCP initial RTT to him again. I asked him for a piece of paper and a pen, […]

  2. Wireshark File Storage

    Sometimes it is important to know how Wireshark captures packets, and when it is writing them to disk. One of the common questions is “how can I avoid writing packets to disk, and just capture them in memory?”.