
Sametime in Wireshark

Last Updated : 26 Oct, 2022

Research found that around 86 percent of vulnerabilities are found in the full stack development sector, so there is a pressing need to address them to keep platforms secure. One common attack point is the network: every byte is transferred over it, so attackers try to sniff useful information. Wireshark provides detailed analysis of network traffic and has tools for checking security, which helps counter such attacks and keep users safe.

Sametime is a protocol developed for IBM's Sametime software. It is used to connect to the IBM server with the help of the Meanwhile library, and it helps in accessing directory services through the Lightweight Directory Access Protocol (LDAP) and TCP/IP.

Sametime in Wireshark:

It is a window in Wireshark used to analyze data packets that use the Sametime protocol to connect to a server or access directory services. Wireshark separates Sametime traffic by port number, since the protocol uses port 1533. The Sametime statistics window gathers user status, send type and message type information.

This window can be found under the Statistics tab, as shown in the image below:

Wireshark Statistics Menu

 

On clicking it, various data fields become visible, which contain a lot of information:

Sametime messages from the Statistics menu

 

  • Topic/Item: This field provides information about address messages such as IAM (Initial Address Message), SAM (Subsequent Address Message), ACM (Address Complete Message), etc.
  • Count: It shows the count of Sametime data packets.
  • Average: It shows the average value for a data packet required for a connection using the Sametime protocol.
  • Min Val: It shows the minimum value required by Sametime traffic for a stable connection to the server.
  • Max Val: It shows the upper limit of Sametime traffic for a stable connection to the server.
  • Rate: It shows the transfer rate of bits, which is used to check the stability of the signal.
  • Percent: It shows the percentage of data of each Sametime data packet.
  • Burst Rate: It is the maximum capacity for transmitting data in a specified time span.
  • Burst Start: It is the point in time at which the burst starts.
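The port-based separation and several of the columns above can be reproduced outside Wireshark. The following is an added example, not code from the original article or from Wireshark: it parses a classic pcap, selects frames on TCP port 1533, and reports count, average/min/max frame length, percent and rate. It assumes these simplified column meanings, and the names `build_pcap`, `sametime_stats` and `SAMPLE` are hypothetical.

```python
import struct

SAMETIME_PORT = 1533  # port the article says Wireshark keys on

def build_pcap(packets):
    """Constructed test data: classic pcap of Ethernet/IPv4/TCP frames.
    packets = [(timestamp_s, src_port, dst_port, payload_bytes), ...]"""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, sport, dport, payload in packets:
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
        sec = int(ts)
        usec = round((ts - sec) * 1e6)
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

# Constructed sample: three frames on port 1533 and one LDAP frame on port 389.
SAMPLE = build_pcap([(0.0, 50000, 1533, b"A" * 10), (1.0, 1533, 50000, b"B" * 30),
                     (2.0, 50000, 1533, b"C" * 20), (2.5, 50001, 389, b"D" * 5)])

def sametime_stats(pcap_bytes, port=SAMETIME_PORT):
    """Summarise frames whose TCP source or destination port equals `port`."""
    if struct.unpack_from("<I", pcap_bytes, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected little-endian, microsecond-resolution pcap")
    off, total, times, sizes = 24, 0, [], []
    while off + 16 <= len(pcap_bytes):
        sec, usec, caplen, origlen = struct.unpack_from("<IIII", pcap_bytes, off)
        frame = pcap_bytes[off + 16:off + 16 + caplen]
        off += 16 + caplen
        total += 1
        # Only Ethernet II / IPv4 / TCP is classified; other frames just count toward total.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ihl = (frame[14] & 0x0F) * 4
        if len(frame) < 14 + ihl + 4:
            continue
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        if port in (sport, dport):
            times.append(sec + usec / 1e6)
            sizes.append(origlen)
    if not sizes:
        return {"count": 0, "total": total}
    span = max(times) - min(times)
    return {"count": len(sizes), "total": total, "average": sum(sizes) / len(sizes),
            "min": min(sizes), "max": max(sizes), "percent": 100.0 * len(sizes) / total,
            "rate_per_s": len(sizes) / span if span else None}
```

Because the selection is by port alone, Sametime running on a non-standard port is missed and unrelated traffic on 1533 is counted, so a hit is a starting point for inspection, not proof of the protocol.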

Let’s understand with captured data

Sametime on Wireshark

 

In the above picture, the SAMETIME protocol is used to connect to a SAMETIME server, and the packet sent is used for the handshake. All the necessary fields, such as burst rate and burst start, can be seen for detailed analysis.

Conclusion:

It can be concluded that the SAMETIME protocol is used when interacting with a SAMETIME server, and that its data packets can be captured with Wireshark to analyze things like message type, user status, send type and message count.

