
RE: tcpdump?




 
> Date: Sun, 21 Feb 2010 07:32:19 +1100
> From: alex@samad.com.au
> To: debian-user@lists.debian.org
> Subject: Re: tcpdump?
>
> On Sat, Feb 20, 2010 at 07:22:29AM +0000, Hadi Motamedi wrote:
>
> [snip]
>
> > > try wireshark
>
> [snip]
>
> >
> > I have Wireshark on my MS Windows platform. I captured the tcpdump output in a file and opened it in Wireshark, but I cannot find how to decode the UDP payload data in ASCII format. Can you please let me know how I can do that in Wireshark?
> >
>
> So first you are trying to look at the data that is being sent to/from
> exchange. You are trying to decode the udp packets?
>
> If so, then if anything out of the box can do it, that would be
> wireshark. By default (at least on the linux/debian version), it comes
> with a lot of decoders. Select the packet you are looking into and drill
> down; you should have 3 windows of different information. With the
> bottom window you can view the payload, and if wireshark can decode it,
> it will, into something more sensible. But if it's been encrypted then you
> are going to need the keys or a lot of money and time.
>
>
> Why not explain what you are trying to do, your main goal?
>
>
Thank you for your reply. My main goal is to find the exact command syntax and arguments that the attached network element is sending to my Debian server on the specified port. I am seeing communication packets exchanged between the network element and my Debian server (by opening the log in Wireshark), but I want to decode it and find the exact syntax of the command sent.

 

