Hot!Wireshark Takes a Long Time to Load a Capture

Expert Member
  • Total Posts : 140
  • Scores: 45
  • Reward points: 41110
  • Joined: 2006/02/24 10:07:19
  • Location: The Republic of Elbonia
  • Status: offline
2017/10/13 10:26:59 (permalink)

Wireshark Takes a Long Time to Load a Capture

Just sharing the knowledge here... Wireshark was taking a VERY long time to load my packet capture files and I did not understand why. Thinking my install had become corrupt, I tried uninstalling and reinstalling it to no avail. After an hour of scratching my head, I used Procmon to determine what it was doing while it was frozen and noticed a lot of access attempts against the pre-master file I configured for use with Firefox and Chrome. The pre-master file had become quite large over time and I wasn't clearing it. (I had also forgotten that I was using it for SSL decryption.) I closed Wireshark and all of my web browser sessions, deleted the premaster file, opened Chrome to recreate the premaster file, and then reopened Wireshark. Wireshark was back to normal with no delays in opening capture files. Hope this helps someone else who forgot they are using a premaster file and is having problems loading captures.
Reference: Decrypting TLS Browser Traffic With Wireshark - The Easy Way

0 Replies Related Threads

    Jump to:
    © 2018 APG vNext Commercial Version 5.5