Packet captures courtesy of the Wireshark Wiki

By stretch | Monday, June 2, 2008 at 8:18 a.m. UTC

If you've ever needed to get intimately familiar with a protocol, picking it apart with a packet analyzer is the way to do it. Unfortunately, we often don't have direct or immediate access to the traffic flow we wish to observe. Fortunately there are a number of sources around the web which provide various packet captures pre-assembled and free for download.

One of my favorite such sources is the Sample Captures page of the Wireshark Wiki.


While there is certainly a wealth of captures, the page is admittedly a bit chaotic (wikis aren't the ideal catalyst for file management). Rather than relying on the hastily arranged categories, I recommend doing a full-page text search for items of interest. Sharing is encouraged, and particular requests can be read/fulfilled toward the bottom of the page.

A word of warning: keep in mind that anyone can contribute captures. Given the history of vulnerabilities in some of Wireshark's protocol descriptors, proceed with caution and never open untrusted captures with elevated privileges.

About the Author

Jeremy Stretch is a network engineer living in the Raleigh-Durham, North Carolina area. He is known for his blog and cheat sheets here at Packet Life. You can reach him by email or follow him on Twitter.

Posted in Resources


gary stephenson (guest)
June 3, 2008 at 8:14 a.m. UTC


Brandon Carroll (guest)
June 4, 2008 at 5:57 a.m. UTC

Its ironic, I just taught a group of CCNA students about wireshark yesterday. I think tomorrow I'll share this post with them and let them check out the wireshark wiki. Nicely done! usual.

Aaron Conaway (guest)
June 10, 2008 at 6:45 p.m. UTC

Very nice find. I'm having fun looking at caps of apps I don't run and seeing what the traffic looks like. :)

Comments have closed for this article due to its age.