Wireshark on disabling TCP dissector shows a different packet [closed]

  • retag add tags

Hi

I have a Wireshark capture in which there is a TCP packet that is not categorized as HTTP. However, on opening the packet, I am able to observe a 200 OK. When I disable the TCP dissector to merge multiple streams, it shows the same packet as HTTP packet with 200 OK. This particular packet is only one single TCP stream. I do not see any other TCP packet which was a part of this packet had it not been merged. The packet number is 94 which I observe the issue with.

Wireshark capture at this link http://s000.tinyupload.com/?file_id=0...

onceuponadime's avatar
1
onceuponadime
asked 2018-03-08 15:51:43 +0000, updated 2018-03-08 15:54:09 +0000
edit flag offensive 0 remove flag reopen merge delete

Closed for the following reason "duplicate question" by onceuponadime 2018-03-08 16:26:41 +0000

Comments

Yet another site I can't access from my corporate network.

Security risk blocked for your protection 
Reason: This Websense category is blocked: Malicious Web Sites. Sites in this category may pose a security threat to network resources or private information, and are blocked.

Someone else will have to look at this, or you could possibly try to attach the capture file here using one of the tricks I described in my answer to an old question here.

cmaynard's avatar cmaynard (2018-03-08 16:15:18 +0000) edit
more
  • delete

Never mind, I found the answer here https://osqa-ask.wireshark.org/questi...

onceuponadime's avatar onceuponadime (2018-03-08 16:26:33 +0000) edit
more
  • delete
add a comment see more comments