[Wireshark-users] Help on interperation

2007-01-16 Thread Adam S. Roth
Hi: I am a new comer to Wireshark. I was ondering if some of you can provide some insight to some issues I am experincing. I have over 800 error 4770's. So my first question is how bad are 4770 (Incorrect TCP Checksums). I have read it can be a proxy issue which might not be bad. But

Re: [Wireshark-users] Help on Solaris9 Shutdown Problem while Capturing Packets

2007-01-16 Thread Jeff Morriss
ARAMBULO, Norman R. wrote: Hi, Currently we have already installed the ethereal software for our Solaris9 Sparc, but the problem is the blade server shuts down. The scenaio is: 1. We captured sample packets using tethereal with xx bytes. 2. then after analyzing the data, we tried

Re: [Wireshark-users] Help on Inquiry

2007-01-16 Thread Jeff Morriss
ARAMBULO, Norman R. wrote: Hi, Actualy we are planning to use wireshark on a large network so we could further study IP Packtes. Can wireshark support our needs. Thanks and more power. I'm not sure what you mean by that. Certainly Wireshark is good for capturing and analyzing IP

Re: [Wireshark-users] Help on Inquiry

2007-01-16 Thread Guy Harris
On Jan 15, 2007, at 11:58 PM, ARAMBULO, Norman R. wrote: Actualy we are planning to use wireshark on a large network so we could further study IP Packtes. Can wireshark support our needs. Thanks and more power. Study in what sense? I.e., what sort of information do you want to get about

Re: [Wireshark-users] Help on Inquiry

2007-01-16 Thread Sebastien Tandel
tcpdump is made for you. (see the man page saving in multiple files) Regards, Sebastien Tandel ARAMBULO, Norman R. wrote: Hi jeff, Thanks for the info, is there a way we can capture such traffic aside from wireshark, then we would dissect it in another box or like capture packets then

Re: [Wireshark-users] Duplicate Packet ID

2007-01-16 Thread Fardid, Reza
Hi Hans, How does it identify duplicates? Is there a UDP equivalent? Thanks, -Reza -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hans Nilsson Sent: Monday, January 15, 2007 11:46 PM To: Community support list for Wireshark Subject: Re:

Re: [Wireshark-users] Duplicate Packet ID

2007-01-16 Thread Laura Chappell
Reza... Here is an idea, but it will only dump the duplicate packet (not the original) and it is set for TCP only. No UDP equivalent that I know of. tshark -R tcp.analysis.retransmission -w filename Use the capital 'R' to indicate you are using display filter syntax. The

[Wireshark-users] Wireshark SVN crashs when opening certain kerberos traces

2007-01-16 Thread Xiaoguang Liu
Version 0.99.5-SVN-20446 (SVN Rev 20446) on windows xp sp2 please check the trace attached. nodelegation.cap Description: Binary data Krb-contrained-delegation.cap Description: Binary data ___ Wireshark-users mailing list

[Wireshark-users] Specify SSL Keys_list to wireshark-0.99.5-SVN-20434

2007-01-16 Thread Vijay Sitaram
Hi, I am trying to decrypt SSL conversation by using tshark and specifying the SSL Keys List to it: ../GNUDowloads/wireshark-0.99.5-SVN-20434/tshark -V -r Data.cap -o ssl.keys_list: 172.27.1.150,443,http,/home/dir/GNUDowloads/dir2/www.company.com-Key.pem -o ssl.debug_file: