Wireshark mailing list archives

802.11 Frame Decryption and the Find Packet function


From: Frank Barta <fbarta () gmail com>
Date: Tue, 26 Jan 2010 12:23:35 -0500

Hello,

I have a question about the Find Packet function in Wireshark. If I am
looking at an 802.11 capture, and I have decrypted WPA TKIP data, will the
find function also look in the Decrypted TKIP data for HEX Values or will it
only look in the original Frame data? Trying to tie some data together
across several captures at different points on a network and right now the
WiFi is the missing link.

Version 1.2.3 (SVN Rev 30730)

Copyright 1998-2009 Gerald Combs <gerald () wireshark org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Oct 27 2009), with
AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.1, Gcrypt 1.4.4, with AirPcap 4.0.0 build 1480.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.

Thanks for any feedback provided,

- Frank B
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>