[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tcpdump?

On Sat, Feb 20, 2010 at 07:22:29AM +0000, Hadi Motamedi wrote:


> > try wireshark


> I have Wireshark on my MS Windows platform . I captured the tcpdump output in a file and opened it in Wireshark , but I cannot find how to decode the udp payload data in ascii format . Can you please let me know how can I do that in Wireshark ?

So first you are trying to look at the data that is being sent to/from
exchange.  You are trying to decode the udp packets ?

if so , then if anything out of the box can do it, that would be
wireshark, by default (atleast on the linux/debian version), it comes
with alot of decoders.  Select the packet you are looking into and drill
down, you should have 3 windows of different information. with the
bottom window you can view the payload and if wireshark can decode it,
it will into something more sensible. but if its been encryted then you
are going to need the keys or a lot of money and time.

Why not explain what you are trying to do, you main goal

Attachment: signature.asc
Description: Digital signature

Reply to: