Hi,
Hm. I think we should be careful here. Even if the tracefiles are from a
demo
they are still copyrighted so we should not use them I think.
It would be much better only to use captures we create ourself.
Perhaps you can send out a query for people to specify what kind of capture
files we would need and then you youd ask on the mailing list for people
that could create
such captures and donate to your demo capture project.
I am certain your repository already contain lots of captures which would be
very interesting and educational for a new ethereal user to study.
But make VERY CERTAIN that any such captures you donate are taken from
the test network and not from a production network and that they do not
contain any data that might be sensitive.
Also, prune the captures as well before donating them to the webpage.
I think the optimal size for these kind of packets are 5-50kb.
I would like to see iSCSI captures. Preferably both draft-14 and also
earlier drafts.
h.323
NDMP
w2k authentication
active directory
Capture showing TCP sequence number wrapping.
Small capture showing TCP packetloss with FastRetransmit due to duplicate
ACKs
Capture showing SlowStart for TCP.
Capture showing one FastRetransmit, SlowStart and TCP switching from
SlowStart to CongestionAvoidance.
Capture showing Reno thruput dying due to multiple lost packets.
Capture showing NewReno recovering from multiple packetloss.
Capture showing SACK recovring from multiple packetloss.
Capture showing Tahoe recovering from packetloss (might be difficult to
obtain)
A capture with one DNS pdu spanning multiple TCP segments, with instruction
on how to turn on/off DNSoverTCP reassembly.
Similar captures for as many of the other protocols supporting TCP
desegmentation as well.
Capture with fragmented IPv4 with instructions on how to enable/disable
fragment reassembly.
----- Original Message -----
From: "Fred Mendez"
Sent: Thursday, September 19, 2002 3:36 AM
Subject: RE: [Ethereal-users] testing with traces
> I can start by providing the, Trace files demo's that NAI Sniffer has
> provided in there Sniffer School. The CD has 277 enc, 93 trc, 31 atc and
39
> syc traces. These traces have been arround for a while but they do
provide
> some good protocol and network issues cases.
>
> I do have my own private repository of traces that I created/collected
> through the years from my test lab network and remote sites.
>
> I'm attaching a text file that shows the different protocols I have traces
> for. I will be happy to share traces that cover these specific protocols.
> All that I ask is that I can get traces in return for protocols that I
don't
> have.
>
> Also, I will not be able to provide traces that have any sensitive data
> associated with them not unless I modify some of the content data to
protect
> the innocent.
>
> I'm willing to work with any single person privately or a more formal
> structure can be put in place. This is the first time I've sent email to
> your users group and I'm not even a member of your group yet. What would
be
> the next step to take?
>
> Sincerely,
> Fred Mendez