On Sep 3, 2003, at 2:35 PM, Gilbert Ramirez wrote:
\If you do this:
gzip -dc < Snif6.caz > Snif6.cap
then load Snif6.cap in ethereal, all 250 packets appear to be there, *and* match the dissection of Snif6.caz (before it goes bad, that is).
What happens if you then do
gzip Snif6.cap
mv Snif6.cap.gz Snif6.caz (on UNIX) or ren Snif6.cap.gz Snif6.caz (on Windows)
and try to read the resulting .caz file in a Sniffer?
If it works, presumably that means the Sniffer doesn't check the CRC-32. If it doesn't work, presumably that means that the Sniffer is using some other CRC-32 algorithm.
