Wireshark mailing list archives

Re: new dissector - dynamic value string table?


From: Max Baker <max () warped org>
Date: Wed, 27 Feb 2013 08:40:32 -0800

On 02/27/2013 02:07 AM, Gisle Vanem wrote:
> "Max Baker" <max () warped org> wrote:
>
>> I've created a new dissector for USB PTP
>> (http://en.wikipedia.org/wiki/Picture_Transfer_Protocol). This is the
>> protocol most digital cameras speak over USB. I've gotten far enough
>> to do the basic dissection, and I'm pretty stoked on the results!
>
> Just a side-question. Anybody have any experience on USB-snooping
> on Windows? Is it possible at all? The page
> http://wiki.wireshark.org/CaptureSetup/USB
>
> describes how it's done under Linux. This page
> http://benoit.papillault.free.fr/usbsnoop/
>
> describes it for Win, but the project seems abandoned. It would
> be cool to add usb-sniffing to libpcap or Wireshark itself. Ref. airpcap.

I have been successful in an all-Windows environment by:
1.  Running Windows inside of Windows using VMware
2.  Enabling VMware's USB logging capabilities
3.  Converting their log into PCAP format and then running Wireshark.
I found a script that did this for me, that needed a little bit of
tweaking. My notes are here: http://nikonhacker.com/wiki/USB_/_PTP


Natively using Wireshark is of course much simpler, but requires walking
up stairs and plugging the camera in the Linux box :)

h2h,
-m
