上QQ阅读APP看书,第一时间看更新
Name resolution
Name Resolution is the translation of layer 2 (MAC addresses), layer 3 (IP addresses), and layer 4 (port numbers) into meaningful information.
Name Resolution
In the screenshot, we see that the MAC address 34:08:04:16:09:78 (from D-Link), the website (that is, www.facebook.com), and the HTTPs port number (that is 443).
The MAC address is the most simple translation: Wireshark look at the translation table (stored in .manuf file under the Wireshark directory). IP addresses are translated using DNS, and as described earlier in this chapter can cause some performance issues. TCP/UDP port numbers are stored in the Services file under the Wireshark directory.