Welcome Fellow Packet Analysts/Sniffers, Network Troubleshooters, and Wireshark geeks! We have been asked countless times over the years to share, and provide a sharing place for, Wireshark Profiles.

As most of you who are Wireshark users know, this is perhaps the most important capability of Wireshark that speeds troubleshooting and elimination of false positives. Check out this video on the power of Wireshark Profiles: https://youtu.be/tSzgcEB9f54

You can also get these profiles from our repository on our web site: https://www.cellstream.com/resources/wireshark-profiles-repository and you can join our Wireshark Profiles channel on Slack: https://cellstreaminc.slack.com/archives/C02E5KJDBEX

Yet there are almost no repositories for Wireshark profiles.

What????

In fact, I just attended a Wireshark related Webinar where one of the presenters said (and I quote exactly) they "do not like sharing profiles", because, they said "you don't know what things have been set in the profiles that you yourself have not created"!

What????

I mean, I get the point, someone could sneak something into the profile that is bad. So you should be wary of this. You should unzip a zipped profile and make sure it only contains TXT files. That said, this is no reason to not share profiles. It's like saying you should not use open source software because you never know who inserted something into the code. Possible, but in the long run, as long as you are wary, this thinking is ridiculous.

We try to state below what changes we have made, additions to, etc. the profiles we offer. WE DO NOT POST ANYTHING WE WOULD CONSIDER SHADY.

How To Use Our Repository Profiles To use any of the profiles here, simply download the profile(s) you want, and unzip them into the Wireshark profiles directory.

In Windows, you can find the profiles directory by clicking Help> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open File Manager. In MAC OSx, you can find the profiles directory by clicking Wireshark> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open Finder. In Linux, you can find the profiles directory by clicking Help> About Wireshark> Folders Tab, and then select the Personal Configuration hyperlink to open the default file manager. From the terminal try: cd /home/{user}/.config/wireshark or if you are already in your user home directory, just cd /.config/wireshark If you do not see a "profiles" folder, then create one (all lower case).

We have always shared our profiles, but we have never opened up a place for others to share back! So after much consideration, we have decided to give this a try!

Contribute to Our Profile Repository We have always had the position that it would be unsafe to simply open this up to anyone who wishes to upload anything. So if you wish to contribute a profile, or you modify/improve one of these profiles, please zip up the profile and email me ([email protected])! I will post sent profiles here.

Also, feel free to browse our other Wireshark related articles and information here: https://www.cellstream.com/component/tags/tag/wireshark

Did I just save you time and $$$ - buy me a coffee: https://www.buymeacoffee.com/awalding or become a patron: https://www.patreon.com/bePatron?u=22427713&redirect_uri=https%3A%2F%2Fwww.cellstream.com%2Fcomponent%2Ftags%2Ftag%2Fwireshark&utm_medium=widget

Thanks for supporting my work.