headers
Yahoo!Groups | 12 Nov 08:15
Picon

Please confirm your request to join gimpwin-users

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

Hello ethereal-dev <at> ethereal.com,

We have received your request to join the gimpwin-users 
group hosted by Yahoo! Groups, a free, easy-to-use community service.

This request will expire in 7 days.

TO BECOME A MEMBER OF THE GROUP: 

1) Go to the Yahoo! Groups site by clicking on this link:
   http://groups.yahoo.com/i?i=4jj_4IHxzbzAGx2eKoO9XVzadRY&e=ethereal-dev%40ethereal%2Ecom 

  (If clicking doesn't work, "Cut" and "Paste" the line above into your 
   Web browser's address bar.)

-OR-

2) REPLY to this email by clicking "Reply" and then "Send"
   in your email program

If you did not request, or do not want, a membership in the
gimpwin-users group, please accept our apologies
and ignore this message.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Wireshark announcements | 1 Nov 02:40
Favicon

Wireshark 0.99.4 is now available


Wireshark 0.99.4 has been released.

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development, and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed. See the security
   advisory for details and a workaround.

     o The HTTP dissector could crash. (Bugs 1050 and 1079)
       Versions affected: 0.99.3.
       CVE-2006-5468

     o The LDAP dissector (and possibly others) could crash. (Bug
       1054)
       Versions affected: 0.99.3.
       CVE-2006-5740

     o The XOT dissector could attempt to allocate a large amount of
       memory and crash. (Bug 1133)
       Versions affected: 0.9.8 to 0.99.3.
       CVE-2006-4805
(Continue reading)

Permalink | Reply | 8 comments |
headers
Paraskevopoulos Pavlos | 10 Oct 12:53
Picon
Favicon

H248 package over TCP

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------


Hi,

Due to our needs in using ethereal to trace H248 binary packages, we 
have made some additions to h248-package-template.
We added the udp and tcp port, as well as the pasring of some events and 
signals.

I am sending the changes to the list.

Paul

Index: packet-h248-template.c
===================================================================
--- packet-h248-template.c	(revision 18189)
+++ packet-h248-template.c	(working copy)
@@ -48,6 +48,7 @@
 #include <epan/dissectors/packet-q931.h>
 #include <epan/dissectors/packet-alcap.h>
 #include <epan/dissectors/packet-mtp3.h>
+#include <epan/dissectors/packet-tpkt.h>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Pierre JUHEN | 9 Oct 21:33
Picon

Request for evolution in TCP dissector

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

I would like to use the pdml of tshark to work on a "reassembled"  TCP 
layer.

If the packet needs really reassembling, it's ok, and I can use the 
"tcp.segment"  fields to get the payload.

But if the applicative PDU is inside only one packet, there is no 
tcp.segment.

Would it be possible to get a "tcp.segment" to get the payload, even if 
there is only one segment.

Thanks for your advice

Pierre JUHEN
Permalink | Reply | 0 comments |
headers
Roman Prots' | 9 Oct 20:43
Picon

[Plugin dev] Dissector of IP protocol?

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

How do I dissect data of IP protocol, when it is neither TCP, UPP or other not Known to Ethereal.

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev <at> ethereal.com
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Permalink | Reply | 1 comment |
headers
Andreina Toro | 9 Oct 14:36
Picon

Please, can anyone help me with my problem calculating interarrival jitter?

Hi everyone, I sent a mail a week ago asking if there was an option in Wireshark to calculate Interarrival jitter?, or wich is the shortest and direct way to analyze RTP Streams of each call, so I can get the jitter data of each packet of each call  in order to calculate manually the interarrival jitter?. Please consider the fact that I have to create an automatic routine with a marco recorder, so everytime the program is run I can calculate this specific jitter. And please also consider that the number of calls per capture is variable. I know the mean jitter is calculated by wiresahark, and also the jitters of each packet.
 
Please, I´m looking forward for any help you could give me, or at least any answer telling me that there is no way to automatize the calculation of this interarrival jitter.
 
Thanks for your time, and sorry for any inconvinience,
 
Best Regards,
 
Andreina
 
PD: Here I copied the mail I sent a week ago, where I explain in detail what my problem is
 
I have a question about Wireshark and the RTP Streams. I need to calculate the Interarrival Jitter. I undestand that "it is calculated continuously as each data packet i is received from source SSRC_n, using this difference D for that packet and the previous packet i-1 in order of arrival (not necessarily in sequence), according to the formula J=J+(|D(i-1,i)|-J)/16 "
 
In the sub menu "Show all RTP Streams" I found the Mean Jitter and the Max Jitter of each call. But I need the specific Interarrival Jitter of each call. I know I can calculate it because if I choose a call in that specific Window and then click on "Analyze" I get another window with a lot of information, among those the jitter of each packet of each call, with that data I can manually calculate the Interarrival Jitter that I need. The problem is that I need to automatize the process using a Macro Recorder , and I don´t see how I can create a general routine using the Keyboard that would apply to every Capture in order to get the data that I need. I don´t know If I´m being clear with what my problem is.. With Wireshark in the RTP Streams Window I need to click on top of the specific stream for an analysis. So I can not automatize that because depending on the number of calls in each capture I´ll need to click in an specific number of streams in order to get each analysis in wich I can get the data for the Jitter I need.?? :( So is there another way to get this Jitter? that would get me more directly to the jitter for ALL the calls in a capture?? And is there a way using ONLY the KEYBOARD and not the MOUSE to click and choose a specific Stream in the "Show all RTP Streams Window"??? Because the problem with the mouse is that the window can be located in any position in the Screen...
 
If anyone could help me I would me veeeeeeeeeeeeeeeeeeeeeery thankfull...
 
The problem is that I need to create  a routine using Wireshark with a Macro Recorder and run it every 2 hours in order to calculate Quality of Service parameters for VoIP Calls...
 
Thaaaaaaaaaaaanks.... you´re helping a Venezuelan student in a middle of a crisis!!!!
 
Best Regards!
Andreina 
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev <at> wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Permalink | Reply | 0 comments |
headers
Yahoo!Groups | 8 Oct 13:45
Picon

Please reactivate your Yahoo! Groups email address

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

Dear Yahoo! Groups member,

You belong to one or more email groups provided by Yahoo! Groups 
(groups.yahoo.com).

Recently, messages sent to you from Yahoo! Groups have been
returned to us as undeliverable. As a result, we have temporarily 
turned off message delivery to this email address.

If you are reading this message, the delivery problem appears to
be fixed. To start receiving your groups messages by email again and
turn your account back on, please visit:

http://groups.yahoo.com/unbounce?adj=277295581,18563&p=1160303875 

(You can also copy and paste this link into your browser, and hit the
'Return' key.)

Once you reactivate your Yahoo! Groups account by clicking the
link above, you will receive messages from your group(s) again.

Tip: You can read messages you might have missed while delivery was
turned off by visiting your groups here:

http://groups.yahoo.com/mygroups

Thank you for using Yahoo! Groups!

Yahoo! Groups Customer Care

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Permalink | Reply | 0 comments |
headers
Yahoo!Groups | 7 Oct 20:38
Picon

Please confirm your request to join gimpwin-users

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

Hello ethereal-dev <at> ethereal.com,

We have received your request to join the gimpwin-users 
group hosted by Yahoo! Groups, a free, easy-to-use community service.

This request will expire in 7 days.

TO BECOME A MEMBER OF THE GROUP: 

1) Go to the Yahoo! Groups site by clicking on this link:
   http://groups.yahoo.com/i?i=W0Ak1n1Nmt-7CxW6YF9DDutstv8&e=ethereal-dev%40ethereal%2Ecom 

  (If clicking doesn't work, "Cut" and "Paste" the line above into your 
   Web browser's address bar.)

-OR-

2) REPLY to this email by clicking "Reply" and then "Send"
   in your email program

If you did not request, or do not want, a membership in the
gimpwin-users group, please accept our apologies
and ignore this message.

Regards,

Yahoo! Groups Customer Care

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Permalink | Reply | 0 comments |
headers
upasana saxena | 6 Oct 21:08
Picon
Favicon

urgent...ur attention please...

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

hi everybody...
 
I m in need of some help from any one of u all.....
 
Actually I want to know that how we can get network statistics or information of packets from a particular ip address.....using ethereal...
 
please guide me properly step wise....actually I m not getting it using it...
 
plz tell me also abt what r the recent developmants going on??????I m also desiring to develop some new module in it.......
 
I will be very thankful to u all.....
Plz reply me as soon as possible..
 
regards...
Upasana

_______________________________________________
Ethereal-dev mailing list
Ethereal-dev <at> ethereal.com
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Permalink | Reply | 0 comments |
headers
Aaron Campbell | 6 Oct 01:20

bug in packet-bgp.c (Ethereal) and print-bgp.c (tcpdump)

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

The expression (BGP_OSPF_RTYPE_EXT ||BGP_OSPF_RTYPE_NSSA) will always
evaluate to 1.  As well, neither of these constants are defined as flag
values, so a bitwise op was probably not intended either.

Commit log for packet-bgp.c in Ethereal shows that this code originated
from Aamer Akhter, and was later ported to tcpdump by Hannes Gredler.  I
am CC'ing both of them for comment.

Below is my attempt to fix the code in both projects.  Is it correct?
(This is untested, I don't have a trace to test with.)

ethereal patch:
--- packet-bgp.c.orig	Thu Oct  5 19:59:25 2006
+++ packet-bgp.c	Thu Oct  5 20:00:40 2006
@@ -2268,7 +2268,7 @@
 				/* always print E2 even if not external route -- receiving router should ignore */
                                 if ( (tvb_get_guint8(tvb,q+7)) & BGP_OSPF_RTYPE_METRIC_TYPE ) {
                                     junk_gbuf_ptr += g_snprintf(junk_gbuf_ptr, MAX_STR_LEN-(junk_gbuf_ptr-junk_gbuf), " E2");
-                                } else if (tvb_get_guint8(tvb,q+6)==(BGP_OSPF_RTYPE_EXT ||BGP_OSPF_RTYPE_NSSA ) ) {
+                                } else if ( (tvb_get_guint8(tvb,q+6)==BGP_OSPF_RTYPE_EXT) ||
(tvb_get_guint8(tvb,q+6)==BGP_OSPF_RTYPE_NSSA) ) {
                                     junk_gbuf_ptr += g_snprintf(junk_gbuf_ptr, MAX_STR_LEN-(junk_gbuf_ptr-junk_gbuf), " E1");
                                 } else {
 				    junk_gbuf_ptr += g_snprintf(junk_gbuf_ptr, MAX_STR_LEN-(junk_gbuf_ptr-junk_gbuf), ", no options");

tcpdump patch:
--- print-bgp.c.orig	Thu Oct  5 19:35:04 2006
+++ print-bgp.c	Thu Oct  5 19:45:35 2006
@@ -1508,7 +1508,7 @@
 					  *(tptr+6),
 					  tokbuf, sizeof(tokbuf)),
                                (*(tptr+7) &  BGP_OSPF_RTYPE_METRIC_TYPE) ? "E2" : "",
-                               (*(tptr+6) == (BGP_OSPF_RTYPE_EXT ||BGP_OSPF_RTYPE_NSSA )) ? "E1" : "");
+                               ((*(tptr+6) == BGP_OSPF_RTYPE_EXT) || (*(tptr+6) == BGP_OSPF_RTYPE_NSSA)) ? "E1" : "");
                         break;
                     case BGP_EXT_COM_L2INFO:
                         printf(": %s Control Flags [0x%02x]:MTU %u",

---
Aaron Campbell <aaron <at> arbor.net>
Software Engineer, Arbor Networks, Inc.
Permalink | Reply | 2 comments |
headers
Best EU Merchant Account | 6 Oct 00:21
Picon
Favicon

International Payment Group - Direct Account / Reseller/ eWallet

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev <at> wireshark.org.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

  Date here Oct / 4/2006  
International Processing Group. 
 
  Click here to visit our website!

High Risk and International Merchant Services

 

Subject: International Payment Group - Direct Account / Reseller/ eWallet

Our International Processing Group is excited to announce that our expansion into North American Merchants and continued success internationally has been a remarkable processing medium to high-risk merchant accounts.  As Acquirers, we are quickly obtaining direct Offshore Processing accounts for merchants in all industries and partnering with strong ISO/Resellers to book profitable merchant accounts.  All merchants and resellers can enjoy the security of working and processing DIRECTLY with many of our Class A Banks.  In addition, we can book most any account or find a solution to book that account. 

We would also  be interested in partnering and using any of your Banks or solutions referral you will provide us for our large international and Large USA Merchant portfolio.

We are using a great PCI compliant and registered international Gateway and we will be able to connect it to any of your solutions if necessary.

 

The process is very simple and I hope to work with you shortly.  Please contact me directly via phone or email to get started.

 

Best Regards, 

North American Sales Team

International Merchant Processing Group

 isobankcard <at> yahoo.com  

 

If you would like to be removed from our e-mail list, please reply with "REMOVE ME" in the subject.  Thank you.

 

    ©Copyright (2002) Merchant Solutions. All Rights Reserved. 
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev <at> ethereal.com
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Permalink | Reply | 0 comments |

Gmane