tcpdump mailing list archives

Re: tcpdump and wireshark


From: Dmitry <mitroko () gmail com>
Date: Mon, 22 Sep 2008 11:42:25 +0400

By 'raw' data I mean collected binary data from the payloads.
Wireshark does correctly restore binary stream from payloads.
I don't know how to do this via tcpdump (if it is possible, of course)

I did extract HTTP reply as binary stream. Divided it with hexedit to
text data (header) and binary data (image object).

Dmitry.

On 9/16/08, Guy Harris <guy () alum mit edu> wrote:

On Sep 15, 2008, at 2:05 PM, Dmitry wrote:

Test one:
I've opened dump with wireshark.
Found stream, filtered it out and saved raw data to file 'dump.hex'

What do you mean by "raw data"?  Do you mean raw *binary* data, or raw
data as a hex dump?

And did you save the raw contents of the packets, or did you extract
the payload of the HTTP reply?

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
