Re: file format question

[Bill Meier <wmeier () newsguy com>]

On 8/22/2011 4:08 PM, János Löbb wrote:
> Hi,
>
> I do this on an Ubuntu 10.04 server:
>
> root@doppio:~# tcpdump -c1000 net xxx.yy.zz.0/24>  /tmp/tcpdump.pcap
> tcpdump: verbose output suppressed, use -v or -vv for full protocol
> decode listening on eth0, link-type EN10MB (Ethernet), capture size
> 96 bytes 1000 packets captured 1058 packets received by filter
>
> Then I copy it down to my Mac where I have wireshark installed.
> Version 1.3.4 (SVN Rev 32340 from /trunk)

The usual first question: How did you "copy" the file ?

(The copy must be a "binary" copy).


(An additional note: Wireshark 1.3.4 was a development version of 
Wireshark from quite some time ago: we're up to SVN #386..
and Wireshark development versions 1.7...).

If possible, I suggest upgrading to a recent 'stable" version (1.6.1)).


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org?subject=unsubscribe