Hello All,
Brand-new subscriber to this user-list – long time
user of Wireshark. I’ve been trying to determine the easiest method for
matching up packets that have been simultaneously captured on two systems and I
thought, it appears erroneously, that all the info in the packets would match,
including sequence numbers, etc.
For example, I took simultaneous captures on two separate
servers (Solaris servers using snoop) and then loaded both files into Wireshark
to compare. I used the timestamps & IP Identification field to match up
packets. However, the sequence numbers don’t match up. Is this normal?
Thanks!
-Samson