Usefulness of packets in wireshark? SSDP protocol, rather than HTTP?

macos wireshark sniffing
7,438

Solution 1

... all of the HTTP traffic is coming through as the SSDP protocol ...

Nope, all of your HTTP traffic is still coming over traditional TCP. You are just being flooded with SSDP packets and unable to separate these from real HTTP packets.

Easiest way to filter the "real" HTTP traffic is to type in to the Wireshark filter box:

http && tcp

And likewise if you wish to view (mostly) SSDP HTTP packets use this for filtering:

http && udp

Solution 2

SSDP is just like HTTP except it works with NOTIFY and M-SEARCH methods. If you use the filter http in Wireshark, you'll still see these packets displayed. This protocol allows you to discover and configure devices using uPnP automatically, this process is referred to as SSDP Discovery. If you're using iChat, I know that application for a fact uses SSDP. Basically it just detects and configures communications with other uPnP devices on the network for you.

Share:
7,438

Related videos on Youtube

Jimmy Lyke
Author by

Jimmy Lyke

Updated on September 17, 2022

Comments

  • Jimmy Lyke
    Jimmy Lyke over 1 year

    I used to be able to filter my wireshark packets to get useful information from them. However, with my current configuration on OSX, all of the HTTP traffic is coming through as the SSDP protocol and is generally being unhelpful. Why is this?

    Actually, it seems that packets on my own system that should be HTTP are coming throuhg as HTTP, but packets from other machines that should be HTTP are coming through as this protocol.

  • Jimmy Lyke
    Jimmy Lyke about 14 years
    Right. But how can I view these like normal HTTP packets (such as the get and post parameters)?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Sniffing Facebook chats with Wireshark
how to capture only SMTP using latest Wireshark 2.2.6 or later
How do I know if my wireless card is capable of packet injection?
How do I put my wireless interface back into managed mode from monitor mode in Mac OS X without rebooting?
Wireshark loopback on mac os x
How do I limit packet capturing in Wireshark to only a specific protocol?
Sniffing the Router for Packets
Wireshark filtering for one network
Can I collect wireless packets using Wireshark while being connected to the Internet via cable?
Wireshark only capturing beacon frames