In this chapter, we discovered that you may want to take a large unmanageable file and turn it into a smaller, more manageable file, so that you can share it with co-workers or preserve the capture for future reference. You learned about the many ways to subset traffic, which includes filtering traffic by IP address, conversation, port number, or stream. We discovered that, after working with a packet capture, there are many options and formats available in Wireshark to preserve the capture. You now know about the many ways to export files, objects, session keys, and packet bytes. Finally, in order to preserve the reasons why the file was important, we discovered how we can add comments to a single packet or an entire capture.

In the next chapter, you will discover CloudShark and learn how you can view captures in your browser from anywhere with internet access. We'll cover the benefits of using CloudShark to share and analyze packet captures with your team. You'll get a good understanding of the filters, graphs, and analysis tools that CloudShark has. In addition, we'll take a look at the many online repositories in order to locate sample captures and enhance our packet analysis skills.