Tuesday, October 8, 2019

Wireshark: How to find the host name of a machine and the application program that generated the network traffic captured in a trace

Hey everyone.
I have been messing around with Wireshark and am absolutely loving it right now. As I dig through the weeds of the traces and learn about what everything means, two things have puzzled me. I cannot for the life of me find:
1. The name of the program that generated the network traffic captured in the trace (it uses port 63815, I know)
2. The hostname of the machine where the command was executed (I think Apple_44?)

Here is the captured trace on Cloudshark if you want to take a look: https://www.cloudshark.org/captures/6439ffce351d
Can anyone find #1 and #2? Am I dumb and missing them in plain sight? There are a lot of options and tools in Wireshark and I am sure I could be missing a setting that yields me these two pieces of data.
Thanks!