tcpdump mailing list archives
Tcpdump time discrepancy (vs ethereal/tcptrace)
From: Aaron Mitchell <amitchel () masaka cs ohiou edu>
Date: Thu, 22 Jul 2004 16:47:30 -0400
I've noticed a peculiar behavior. Given the same hand-crafted
dump file (with an intended time of 5:36 on Jan 1, 1970), tcpdump
reports a time of 6:36 for default output, and a time of 10:36 when
run with the -tttt option ("supposedly" same time with date info
prepended). Both ethereal and tcptrace report the predicted time of
5:36.
The tested file can be found at:
http://masaka.cs.ohiou.edu/~amitchel/timebug.dmp
(Please note that not all packet fields are valid [including
checksums]. It exists simply for testing purposes).
--
Aaron Mitchell <amitchel () cs ohiou edu>
http://oak.cats.ohiou.edu/~am283298/
----- End forwarded message -----
--
Aaron Mitchell <amitchel () cs ohiou edu>
http://oak.cats.ohiou.edu/~am283298/
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- Tcpdump time discrepancy (vs ethereal/tcptrace) Aaron Mitchell (Jul 22)
- Re: Tcpdump time discrepancy (vs ethereal/tcptrace) Guy Harris (Jul 22)
- Re: Tcpdump time discrepancy (vs ethereal/tcptrace) Michael Richardson (Jul 22)
- Re: Tcpdump time discrepancy (vs ethereal/tcptrace) Guy Harris (Jul 23)
- Re: Tcpdump time discrepancy (vs ethereal/tcptrace) Michael Richardson (Jul 22)
- Re: Tcpdump time discrepancy (vs ethereal/tcptrace) Guy Harris (Jul 22)