I am trying to decypher the format of "Network Associates .ENC (DOS-based)" capture files.
I have sofar got to isolating the actual recorded packets in the file, each with a 20 character header with the packet length characters 13 to 15 - but - I am looking specifically now at identifying where in this file packet header is the packet recieved time offset (have a suspiscion that it is in characters 7 to 10 but can't see where) - and where in the 55 character initial preamble of the file is the start date and time (again a suspiscion that it is at characters 28 to 30 and characters 48 to 55). Does anyone have the decode for this file format or know how to decypher the headers ? Cheers Tim Vale Frantic Networks Limited EMail: [EMAIL PROTECTED] Web: www.frantic-networks.com
