When capturing packets with 802.1Q VLAN headers most of my capture
filters no longer work.
Presumably, this is due to the offset created by the 4-byte header.
How does one adjust for the offset to regain capture filter functionality?
___
Wireshark-us
On Mar 13, 2008, at 3:21 PM, Andrea Faver wrote:
> i'm trying to convert a pcap file (made with WIRESHARK) to a ivs file
> with aircrack ivstools.exe but it doesn't recognize the file. how
> can i
> do it?
> When i save my captured packed in WIRESHARK, in wich format should i
> do
> it? (i ha
On Fri, Mar 14, 2008 at 10:57:01AM +1000, stephen galowski wrote:
> with regard to wireless setup
> i am wondering why , the wireless toolbar does not work
> on my laptop with a inbuilt 2.4 and 5ghz
The wireless toolbar in Wireshark? It's or AirPcap use only:
http://www.cacetech.com/pro
with regard to wireless setup
i am wondering why , the wireless toolbar does not work
on my laptop with a inbuilt 2.4 and 5ghz
Stephen
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 080313-0, 13/03/2008
Tested on: 14/03/2008 10:57:06 AM
avast! - copyright (c) 1988-2008
Stephen Fisher ha scritto:
> On Thu, Mar 13, 2008 at 11:21:50PM +0100, Andrea Faver wrote:
>
>
>> i'm trying to convert a pcap file (made with WIRESHARK) to a ivs file
>> with aircrack ivstools.exe but it doesn't recognize the file. how can
>> i do it?
>>
>
>
>> When i save my captured
On Thu, Mar 13, 2008 at 11:21:50PM +0100, Andrea Faver wrote:
> i'm trying to convert a pcap file (made with WIRESHARK) to a ivs file
> with aircrack ivstools.exe but it doesn't recognize the file. how can
> i do it?
> When i save my captured packed in WIRESHARK, in wich format should i
> do i
Hi.
i am new,
i have to question if you can help me.
i'm trying to convert a pcap file (made with WIRESHARK) to a ivs file
with aircrack ivstools.exe but it doesn't recognize the file. how can i
do it?
When i save my captured packed in WIRESHARK, in wich format should i do
it? (i have several op
It means that the packet in question does not match the decrption key you
have defined. The whole debug from the packets in question would help.
Robert
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marc Quibell
Sent: Thursday, March 13, 2008 4:25 PM
To: Wireshark
Thanks Weiner.
I think I did put my question correctly.?
What I am after is how to decode the q931 under IUA messages using the
wireshark. I can decode v5.2 messages under V5UA without any issues. For
some reason I am unable to decode Q931 under IUA. Both IUA & V5UA are
piggybacked on SCTP. Pls r
Cuando el habla de merging el se refiere a combinar las dos capturas, esta
posibilidad se encuentra en en el menu principal de wireshar con ese nombre.
2008/3/13, Fabiana moreno <[EMAIL PROTECTED]>:
>
> Thanks for your reply! very helpful...But can you explain what do you
> exactly refer with merg
Sorry guys for spamming your inbox again...But im doing this project and i
have one to MANY questions
Anyway, im now streaming my mpeg4 over tcp/ip protocols
And i want to identify the packets im gettingbecause im getting packets
http packet and tcp packets in both directions...i wanna
Hi,
INVITE URI usually translates into Called party number. The URI type is not
converted, maybe only used to verify that the SETUP can be composed of the
URI information, or, if it's an advanced gateway, could select a number plan
and type based on the URI type, but I've never seen that before.
No one knows what the "no decoder available" message means?
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
__
The information contained in this message may be privileged and
confidential and protected from disclosure
Hi Jaap,
I'm sorry i didn't give the whole picture. The call is first converted
from H323 to SIP, then back to H323. I'm tracing the H323 messages after
the conversion from SIP, and the flags are set the same as in the
original H323 setup message. For example, if i have the flags set as
"Inter
Thanks for your reply! very helpful...But can you explain what do you
exactly refer with merging the captures? sorry my first language isnt
english. Thanks!
On 13/03/2008, Martin Mathieson <[EMAIL PROTECTED]> wrote:
>
> Then you can run a normal ping. Merge the captures, and, assuming that
> both
Then you can run a normal ping. Merge the captures, and, assuming that both
journies took the same amount of time, you now know:
- the network latency (although note that ICMP may not be given the same
priority as RTP./RTCP traffic)
- how much you might need to time-shift the second trace before me
My receiver computer is running under windows and the one transmitting the
video is running under linux.How can i do this in this case???
On 13/03/2008, Rob MacKenzie <[EMAIL PROTECTED]> wrote:
>
> I looked at re-writing ping once to test time difference… IF your
> endpoints are in the same
our MATE can do that...
On Thu, Mar 13, 2008 at 7:12 PM, Martin Mathieson
<[EMAIL PROTECTED]> wrote:
> I once saw an impressive demo of the Hammer Call Analyzer.
>
> It let you configure rules to describe how the gateway would be translating
> between numbers and URIs.
> It could then associate bo
I once saw an impressive demo of the Hammer Call Analyzer.
It let you configure rules to describe how the gateway would be translating
between numbers and URIs.
It could then associate both call legs of the call and show them in a single
ladder diagram.
Martin
On Thu, Mar 13, 2008 at 5:35 PM, Ja
Hi,
Called party number usually translates into the INVITE URI. The number plan
and type are not converted, maybe only used to verify that a URI can be
composed of the called party number information, or, if it's an advanced
gateway, could select the URI format based on the plan and type, but I
I looked at re-writing ping once to test time difference... IF your endpoints
are in the same building, consider running a wire between the parallel ports
and code something to check the exact time when you flip a switch or something.
Then you would have a trigger time for both.
___
If you have console / command prompt of some type, most operating systems
have a ping command that uses ICMP to test connectivity and routrip delay to
a remote host and back.
But I don't know what OS or environment is running on your endpoints.
On Thu, Mar 13, 2008 at 4:05 PM, Fabiana moreno <[EMA
how can do the ping? I dont know what this is
On 13/03/2008, Martin Mathieson <[EMAIL PROTECTED]> wrote:
>
> You could of course do a ping. And see how close to the middle the far
> side sees something happen...
>
> On Thu, Mar 13, 2008 at 2:49 PM, Fabiana moreno <[EMAIL PROTECTED]>
> wrote:
>
>
You could of course do a ping. And see how close to the middle the far side
sees something happen...
On Thu, Mar 13, 2008 at 2:49 PM, Fabiana moreno <[EMAIL PROTECTED]> wrote:
> Well i did this...but i dont know if it's ideal...i think it would work
> though
>
> I synchronized the two comput
[EMAIL PROTECTED] wrote:
> Hi,
>
> Earlier today I installed Wireshark 0.99.8 with the GTK2 user interface.
> Everytime I start up Wireshark with the GTK1 user interface I get an error
> saying wireshark.exe - Application Error. The application failed to
> initialize properly, click OK to termin
Well i did this...but i dont know if it's ideal...i think it would work
though
I synchronized the two computers to a server on the internet before every
capture so both have the exact same time.
i have my sniffer in the two computers, the one that sends and the ones that
receive.
I created a
Hello all,
I have an H323->SIP gateway and i'm trying to figure out how it maps the
"Called Party/Number plan/Number type" information element, found in the
original Q.931 setup message, to the SIP Invite message. I have the traces
from both the Q931 setup packet (where i can see the number plan/n
Since you were previously talking about RTP, if you had RTCP reports being
sent in both directions, you can calculate the network rountrip propagation
delay using the timestamps only from one side.
Wireshark already does this calculation, if you turn the appropriate
preferences on for the RTCP dis
Hi Fabiana,
the only way to do that is if you know the time difference between the machines.
It´s not so easy however if you use windows you could try synchronizing both
endpoints by using:
w32tm /config /manualpeerlist:[IP to synchronize to] /update
/syncfromflags:MANUAL
and then monitor th
29 matches
Mail list logo