> I am a newcomer to this group and I am currntly doing research on wireless
> network security. For the research we are trying to build a wireless
> sniffer first. I used pirsmdump to generate save the sniffed packets in
> "sniff.out" file. I was able to inspect the packets using ethereal.
> However I am not able to open this file with tcpdump. When I ran:
>
> tcpdump -X -x -r sniff.out
>
> I got:
>
> tcpdump: unkown data link type 105
No released version of tcpdump supports capturing on, or reading, 802.11
capture files.
You need to get the 3.7 beta version - and link it with the 0.7 beta
version of libpcap, otherwise it still won't know about them.
> What does this error message mean?
It means that the capture file is for a network ("data link") of a type
that the version of tcpdump you're using doesn't support.
> Is there a website that I can check out all the error messages of
> tcpdump?
No.
> Have anyone used ethereal or snort? do they all take the same pcap
> format?
Current versions of Ethereal can read that form of capture file.
(Ethereal's native capture file format is the same as tcpdump's.)
I can't speak for snort.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
