How to interpret some simple TCP Packet Entries


#1

1992 175.133447 192.168.0.4 188.138.100.161 HTTP GET /styles/skyblue/theme/images/icon_logout.gif HTTP/1.1

Now I know this is simply a HTTP request asking for the above file namely icon_logout.gif but what about something like this one

2013 176.200147 192.168.0.4 188.138.100.161 TCP admins-lms > http [RST] Seq=5815 Win=0 Len=0 ?

Do I need to follow the trace the stream in order to determine what the stream is trying to do ? Also could someone please give me an idea of what a GET would look like via using HTTP or FTP ? Would I be able to trace it to the application that is making this request or would that be beyond the scope of Wirehsark ? Lastly could someone explain to me how to search out all GET packets I’ve tried the search options but it does work finding a string within the info field.

Thanks in advance

Victor