Ethereal-users: Re: [Ethereal-users] Older/Proprietary Protocols

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Mark Atwood <mra@xxxxxxxxx>
Date: 20 Oct 2000 09:42:00 -0700
"Deighan, Richard - GCP" <radeighan@xxxxxxxxxxxxx> writes:
> We have two HP3000's running MPE, and there's a lot of terminal traffic done
> with NS/VT (an old, proprietary HP protocol).
> I've discovered that this protocol seems to fly right under the capture.  I
> don't even see these packets in a straight tcpdump.
> Anyone have any suggestions on how I can monitor this traffic (with
> ethereal, preferably)

If you dont see it with tcpdump, that probably means that it's not IP
based.

If you have a protocol spec, you could write or pay someone to write a
ethereal dissector for it.

If you know or can find out the ethernet frame type for it, I think
you can get ethereal to dump it using a capture or display filter, but
all you would see would be hex gibberish.

-- 
Mark Atwood   | Freedom from want, freedom from fear, freedom from choice.
mra@xxxxxxxxx | Is that the freedom you want? 
http://www.pobox.com/~mra