1992 175.133447 192.168.0.4 22.214.171.124 HTTP GET /styles/skyblue/theme/images/icon_logout.gif HTTP/1.1
Now I know this is simply a HTTP request asking for the above file namely icon_logout.gif but what about something like this one
2013 176.200147 192.168.0.4 126.96.36.199 TCP admins-lms > http [RST] Seq=5815 Win=0 Len=0 ?
Do I need to follow the trace the stream in order to determine what the stream is trying to do ? Also could someone please give me an idea of what a GET would look like via using HTTP or FTP ? Would I be able to trace it to the application that is making this request or would that be beyond the scope of Wirehsark ? Lastly could someone explain to me how to search out all GET packets I’ve tried the search options but it does work finding a string within the info field.
Thanks in advance