myITforum and Windows IT Pro Forums

 Wireshark Takes a Long Time to Load a Capture

Author Message
ndaniels

  • Total Posts : 140
  • Scores: 45
  • Reward points : 41110
  • Joined: 2/24/2006
  • Location: The Republic of Elbonia
  • Status: offline
Wireshark Takes a Long Time to Load a Capture Friday, October 13, 2017 11:26 AM (permalink)
0
Just sharing the knowledge here... Wireshark was taking a VERY long time to load my packet capture files and I did not understand why. Thinking my install had become corrupt, I tried uninstalling and reinstalling it to no avail. After an hour of scratching my head, I used Procmon to determine what it was doing while it was frozen and noticed a lot of access attempts against the pre-master file I configured for use with Firefox and Chrome. The pre-master file had become quite large over time and I wasn't clearing it. (I had also forgotten that I was using it for SSL decryption.) I closed Wireshark and all of my web browser sessions, deleted the premaster file, opened Chrome to recreate the premaster file, and then reopened Wireshark. Wireshark was back to normal with no delays in opening capture files. Hope this helps someone else who forgot they are using a premaster file and is having problems loading captures.
 
Reference: Decrypting TLS Browser Traffic With Wireshark - The Easy Way
https://jimshaver.net/201...ireshark-the-easy-way/
 
 
#1
    Online Bookmarks Sharing: Share/Bookmark

    Jump to:

    Current active users

    There are 0 members and 2 guests.

    Icon Legend and Permission

    • New Messages
    • No New Messages
    • Hot Topic w/ New Messages
    • Hot Topic w/o New Messages
    • Locked w/ New Messages
    • Locked w/o New Messages
    • Read Message
    • Post New Thread
    • Reply to message
    • Post New Poll
    • Submit Vote
    • Post reward post
    • Delete my own posts
    • Delete my own threads
    • Rate post

    2000-2017 ASPPlayground.NET Forum Version 3.9