Filtering Traffic Through Content… Wireshark

Wireshark is my tool of choice for troubleshooting. While most people think of it at the end of the fight, with me it’s always on top of the list.

Recently, I had to look at a problem of a sales application where users reported that “the network was slow”.

The application was developed in-house, didn’t use any of the known application protocols like HTTP or FTP, and wasn’t encrypted. In the middle of so many transactions and a working store, how do you find the TCP connection that has the transaction to troubleshoot?
