Re: Wireshark-users Digest, Vol 50, Issue 18

["noah davids" <ndav1 () cox net>]

I just downloaded and install "Version 1.5.0-SVN-33559 (SVN Rev 33559 from 
/trunk)" but I still cannot read the trace, there is no change in behavior.

Someone else tried to read the trace with a 1.2 version of wireshark and had 
no problems, it appears to be an issue with version 1.4 (and it appears 
later).

How do I upload a binary trace as an example?


Noah Davids
=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Serendipity is a function of bandwidth

If you are not the intended recipient of this E-mail it would be nice if you 
deleted it and notified me that you received it incorrectly. On the other 
hand, E-mail in an insecure mechanism; nothing in this E-mail can be 
considered confidential. I have no doubts that copies of this E-mail have 
been archived by my ISP, your ISP and probably the FBI, CIA and NSA. I 
suspect that Interpol, MI-6, SVR (think KGB) and MSS (Chinese) will have 
copies shortly, the NSIS (Kenya) will have it by the end of the week.


> Message: 2
> Date: Mon, 19 Jul 2010 09:02:01 -0700
> From: "noah davids" <ndav1 () cox net>
> Subject: [Wireshark-users] network monitor 3.3 traces cannot be read
> To: <wireshark-users () wireshark org>
> Message-ID: <5AE6243C91B5411FB04F45D5E8FDF4C3@noahdesk>
> Content-Type: text/plain; charset="iso-8859-1"
>
> I just tried to read a trace created with Microsoft Network Monitor 
> version 3.3 using Wireshark version 1.4. All the frames have a Protocol of 
> UNKNOWN and Info of "WTAP_ENCAP = 0". The first two frames appear to be 
> Unicode text but starting with frame 3 the hex dump shows it to be an IP 
> packet.
>
> "Decode As" is grayed out so I can't even force a decode. Any idea how I 
> can read this trace?
>
>
> Noah Davids


> Message: 4
> Date: Mon, 19 Jul 2010 19:24:28 +0200
> From: Stig Bj?rlykke <stig () bjorlykke org>
> Subject: Re: [Wireshark-users] network monitor 3.3 traces cannot be
> read
> To: Community support list for Wireshark
> <wireshark-users () wireshark org>
> Message-ID:
> <AANLkTimG4wsN2bN634xeJmHE97eH0Kje9cO2X43iYY4z () mail gmail com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On Mon, Jul 19, 2010 at 6:02 PM, noah davids <ndav1 () cox net> wrote:
> > Any idea how I can read this trace?
>
> Sure, try the latest build from the buildbot:
> http://www.wireshark.org/download/automated/
>
>
>
> -- 
> Stig Bj?rlykke
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 19 Jul 2010 12:25:41 -0500
> From: "DePriest, Jason R." <jrdepriest () gmail com>
> Subject: Re: [Wireshark-users] network monitor 3.3 traces cannot be
> read
> To: Community support list for Wireshark
> <wireshark-users () wireshark org>
> Message-ID:
> <AANLkTikZqXDzMayMuHZ2tiA8Cm2w0PBsJbqsQiplTf0y () mail gmail com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Hello,
>
> Can you send an example capture to the list?
>
> I just captured about 30 seconds of traffic using Microsoft Network
> Monitor 3.3 and saved it in its default .cap format.  I was able to
> open it in Wireshark 1.2.9 without any problems.
>
> -Jason

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe