Hello,
I'm trying to write a small program that will extract some statistics
from CAPs containing SMB traffic.
Since this is a small program I want to use Wireshark/tcpdump to
filter out all other traffic and let the program assume that all the
packets are SMB.
My problem is that many SMB
J P wrote:
Thanx Jaap!
DUMPCAP seems to work in my testing so far.
Am I correct to assume that I can run two instances of DUMPCAP on two
Different interfaces at the same time? (I do not have access to my
production machine right now)
Yes, it should be fine.
These are the DUMPCAP
Point taken - it was actually a mockup typo.
Put the commands into the production box - works great!
It even worked from a NON Admin XP account.
Thanx Jeff and Jaap for your assistance!
___
Wireshark-users mailing list
Wireshark-users@wireshark.org
Thanx Jaap - DUMPCAP Works Great! Even from a NON Admin XP account!
___
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
John Smith wrote:
Is there a way to export caps from Wireshark with the TCP `magically`
reassemebled so that my program can just treat the split packets as
really big TCP packets(ignoring the ethernet MTU)?
No.
However, there *is* a way to construct a tap that will get handed
information
Is there a way/tool that can replace IP addresses with face ones without
screwing up the capture file? Its for end-user secrecy and what not.
Alex Lee
___
Wireshark-users mailing list
Wireshark-users@wireshark.org
On Aug 24, 2007, at 11:55 AM, Alex Lee wrote:
Is there a way/tool that can replace IP addresses with face ones
without screwing up the capture file? Its for end-user secrecy and
what not.
Bit-Twist:
http://bittwist.sourceforge.net/
might be able to do that, as might sanitize:
Hi there,
I'm new here. I have lots of SS7 message traces which
are in hexdump text file format, is there any tool can
convert such file to a wreshark readable format?
Thanks
JZ
Got a little couch