Tony Fortunato
Mar 111 min
In my last blog entry, I explained how Wireshark calculates TCP Conversation Completeness based on the TCP flags and whether data is seen in a TCP conversation (stream).
To use this feature, I recommend that you add three columns to Wireshark:
tcp.completeness
Heres the link to the full post
https://www.chappell-university.com/post/detect-suspicious-traffic-with-tcp-completeness