Wireshark uses tables to show data and statistics to the user. The summarized data displayed in tables reduce the complexity of the information and make it easy for the user to analyze. For managing and editing these tables in Wireshark, the User Table editor is used. Wireshark‘s ESS Category Attributes is a user table to map ESS Security Category attributes to textual representations. This user table uses values stored in XML SPIF (Security Policy Information File) to fill the table. The XML SPIF is a file that is used for defining security labels.
Steps To Open ESS Category Attributes:
Step 1: Start the Wireshark by selecting the network we want to analyze or opening any previously saved captured file.
Step 2: Now go into the Wireshark and click on the Edit → Preferences menu or toolbar item.
This will open Wireshark’s “Preferences” dialogue box.
Step 3: On the “Preferences” dialogue box, click on the drop-down option “Protocols”. All the available protocols that Wireshark supports are listed down below.
Step 4: Now scroll down and search for the “ESS”.
Step 5: Now just click on the “Edit” option. This will bring up Wireshark’s ESS Category Attributes table.
This users’ table has the following fields :
- Tag Set: It displays an Object Identifier representing the Category Tag Set.
- Value: It displays the value representing the Category.
- Name: It displays the textual representation of the value.
This user table contains the following controls :
- “ +” : For adding a new entry in the user table.
- “—”: For removing any existing entry from the user table
- “ ∧ “: For moving up in the entries.
- “ ∨ “: For down in the entries.
- Copy: For creating a duplicate of the selected entry.
- Clear: For clearing all the existing entries from the user table.