Joris Lambrecht wrote: >could you by any chance provide me with an URL where i >could look up the PDU header information for a protocol ?
There are some sites with information about several different protocols, e.g. http://www.protocols.com/pbook/ http://www.networksorcery.com/enp/default0502.htm http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/index.htm There is some more links on the following page: http://www.ethereal.com/links.html Google or a similar search engine may be used to try to get protocol specifications and other documentation for different protocols. Below is a sample of some of the links I got by using a query "decode tds protocol" http://www.google.com/search?q=decode+tds+protocol&hl=sv&lr=&ie=UTF-8&start=60&sa=N "tabular data stream protocol" http://www.google.com/search?hl=sv&ie=ISO-8859-1&q=tabular+data+stream+protocol&lr= and some similar queries: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/architec/8_ar_cs_4k6k.asp http://www.freetds.org/userguide/c49.htm http://www.agron.missouri.edu/Sybase_FAQ/ASE/section7.html#7.3 http://www.ibiblio.org/freetds/tds.html http://ethereal.ntop.org/lists/ethereal-dev/200111/msg00264.html If a protocol has been implemented in Ethereal, then the source code may be very useful. There are often links or references to protocol specifications and similar in the top of the files for the different dissectors. http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-tds.c?rev=HEAD&content-type=text/vnd.viewcvs-markup In the TDS dissector (packet-tds.c) there are a couple of links: http://www.freetds.org/tds.html http://download.nai.com/products/media/sniffer/support/sdos/sybase.pdf .. and actually there is quite long comments about the TDS protocol in the top of the packet-tds.c file. So even if you are not a programmer you may get useful information from the source code comments.
