Wireshark mailing list archives
Re: network monitor 3.3 traces cannot be read
From: "Stefaan Pouseele" <stefaan.pouseele () skynet be>
Date: Tue, 20 Jul 2010 09:14:56 +0200
Hi Jason, I've seen that behavior too. Attached you'll find a sample capture taken with Microsoft Network Monitor 3.4. I've tried to open it with Wireshark 1.4.0rc1 with All the frames having a Protocol of UNKNOWN and Info of "WTAP_ENCAP = 0". Best Regards, Stefaan -----Original Message----- From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of DePriest, Jason R. Sent: maandag 19 juli 2010 19:26 To: Community support list for Wireshark Subject: Re: [Wireshark-users] network monitor 3.3 traces cannot be read On Mon, Jul 19, 2010 at 11:02 AM, noah davids <> wrote:
I just tried to read a trace created with Microsoft Network Monitor
version
3.3 using Wireshark version 1.4. All the frames have a Protocol of UNKNOWN and Info of "WTAP_ENCAP = 0". The first two frames appear to be Unicode
text
but starting with frame 3 the hex dump shows it to be an IP packet. "Decode As" is grayed out so I can't even force a decode. Any idea how I
can
read this trace? Noah Davids
Hello, Can you send an example capture to the list? I just captured about 30 seconds of traffic using Microsoft Network Monitor 3.3 and saved it in its default .cap format. I was able to open it in Wireshark 1.2.9 without any problems. -Jason ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Attachment:
NetMon34.cap
Description:
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- network monitor 3.3 traces cannot be read noah davids (Jul 19)
- Re: network monitor 3.3 traces cannot be read Stig Bjørlykke (Jul 19)
- Re: network monitor 3.3 traces cannot be read DePriest, Jason R. (Jul 19)
- Message not available
- Re: network monitor 3.3 traces cannot be read Guy Harris (Jul 20)
- Message not available
- Re: network monitor 3.3 traces cannot be read Stefaan Pouseele (Jul 20)