Wednesday, December 31, 2014

Packet Capture: How To Graph Time Delay Between Packets

If you dont like to look at the time column in Wireshark, sometimes its helpful to graph it out.  Some people are just visual, and it helps to actually see a graph.  I went to a website and captured it.  Here is how I could read the graphs.
Here is the total graph, as I saw it:


So, I filtered on the packets I wanted to see.  Notice in my filter "tcp.stream eq 21".  When I click on the first dot, notice that it highlights the packet as well.


Then, there is a .06 ms delay to the next packet:


Next, there is about a .02 ms delay to the next packet.  Also, notice the size of the packet in the graph (and the "length" in the column of the capture):


Next packet is microseconds behind:


Next packet:


And the last:


Good stuff.
Posted by

No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.

Subscribe to: Post Comments (Atom)