Wireshark - Where to start? Take a look at Expert Information

Often, when you are looking at a tcpdump capture, you ask yourself: what am I looking at? Where should I start?

In Wireshark, there is an Expert Information entry in the Analyze menu.




It lists the analysis findings Wireshark detected. Each finding is tagged as an Error, Warning, Note or Chat message, based on the packet characteristics Wireshark matched; see Wireshark TCP Analysis for more details. It also shows the count of each type of message.

From the above example, the first things that catch my eye are

  • Connection reset messages
  • Retransmission and Duplicate ACK messages
  • Any "not captured"-related message

If you expand a category, Wireshark lists the packet summaries associated with that message. You can drill further into a packet by double-clicking its row.
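The same triage can be scripted when you have many captures or no GUI. The following is an added example, not code from the original post: it assumes the expert entries were exported with tshark using the real `_ws.expert.severity` and `_ws.expert.message` fields (the command is in the module comment, and the sample output below is constructed, not taken from a real capture). It reproduces the two things the Expert Information window gives you: a count per severity, and the list of frames behind each message category you care about (resets, retransmissions, duplicate ACKs, "not captured") so you know which frames to open first.

```python
"""
Summarize Wireshark expert information exported with tshark.

Assumed export command (run separately; this script only parses its output):

  tshark -r capture.pcapng -Y "_ws.expert" -T fields \
      -e frame.number -e _ws.expert.severity -e _ws.expert.message \
      -E separator=/t -E aggregator="|" > expert.tsv

A frame can carry several expert entries; the aggregator joins them with "|".
The GUI equivalent of drilling into one category is the display filter
_ws.expert.severity == warning (or error, note, chat).
"""
import sys
from collections import Counter
from itertools import zip_longest

# Severities in the order the Expert Information window ranks them.
SEVERITY_ORDER = ("Error", "Warning", "Note", "Chat", "Comment")

# The message categories the post singles out, as case-insensitive substrings
# of the expert message text.
WATCH_LIST = [
    ("Connection reset", "reset"),
    ("Retransmission", "retransmission"),
    ("Duplicate ACK", "duplicate ack"),
    ("Segment not captured", "not captured"),
]

# Constructed sample of what the tshark command above prints: one frame per
# line, tab-separated fields, several entries per frame joined by "|".
SAMPLE_TSHARK_OUTPUT = """\
1\tChat\tConnection establish request (SYN): server port 443
2\tChat\tConnection establish acknowledge (SYN+ACK): server port 443
7\tWarning\tPrevious segment(s) not captured (common at capture start)
8\tNote\tDuplicate ACK (#1)
9\tNote\tDuplicate ACK (#2)
11\tNote|Note\tThis frame is a (suspected) retransmission|Duplicate ACK (#3)
15\tWarning\tConnection reset (RST)
16\tError\tMalformed Packet (Exception occurred)
"""


def parse_expert_lines(text, aggregator="|"):
    """Return a list of (frame_number, severity, message) tuples.

    Frames with several entries are expanded into one tuple each; blank or
    malformed lines are skipped rather than aborting the whole report.
    """
    entries = []
    for raw in text.splitlines():
        parts = raw.rstrip("\n").split("\t")
        if len(parts) != 3 or not parts[0].strip().isdigit():
            continue
        frame = int(parts[0])
        severities = parts[1].split(aggregator)
        messages = parts[2].split(aggregator)
        # If tshark ever prints a different number of severities and messages,
        # keep what lines up and mark the remainder instead of dropping it.
        for sev, msg in zip_longest(severities, messages, fillvalue="Unknown"):
            entries.append((frame, sev.strip().capitalize(), msg.strip()))
    return entries


def count_by_severity(entries):
    """Count entries per severity, ordered like the Expert Information window."""
    counts = Counter(sev for _, sev, _ in entries)
    ordered = {sev: counts[sev] for sev in SEVERITY_ORDER if counts[sev]}
    for sev, n in counts.items():
        ordered.setdefault(sev, n)  # any severity string we did not anticipate
    return ordered


def frames_with_severity(entries, severity):
    """Frame numbers behind one severity, i.e. one expanded category."""
    return sorted({f for f, sev, _ in entries if sev == severity.capitalize()})


def frames_matching(entries, needle):
    """Frame numbers whose expert message contains the substring (case-insensitive)."""
    needle = needle.lower()
    return sorted({f for f, _, msg in entries if needle in msg.lower()})


def triage(entries):
    """The post's watch list, mapped to the frames to double-click first."""
    return {label: frames_matching(entries, needle) for label, needle in WATCH_LIST}


def report(entries):
    """Plain-text summary of the counts and the watch-list hits."""
    lines = [f"{sev:8} {n}" for sev, n in count_by_severity(entries).items()]
    for label, frames in triage(entries).items():
        if frames:
            lines.append(f"{label}: frames {', '.join(map(str, frames))}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Pass the exported expert.tsv as the first argument, or run on the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TSHARK_OUTPUT
    print(report(parse_expert_lines(text)))
```

Run it with the exported file as its argument (or with no argument to see the constructed sample); the watch list is an ordinary Python list, so add your own message substrings when a capture raises other categories.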

