Mina sina said:
> I wanted to open Ethereal file with 'Notepad' such that I can read how the
> contents are written in it. But it didn't help as i was having a boxes and
> other garbach.
> Can any one suggest anything to open Ethereal file in readable way?
Open it with a hex editor. Libpcap files (Ethereal uses the same capture
file format that tcpdump uses, and that libpcap/WinPcap have code to read
and write, although Ethereal has its own code to read and write them) are
binary, not text.
Note that if you want to know how the contents are written because you
want to read those files, the best way to read those files, in most if not
all cases, is to use libpcap/WinPcap, or one of the wrappers for
libpcap/WinPcap such as Net::Pcap for Perl. A new file format is being
developed for libpcap, and code that uses libpcap/WinPcap will
automatically be able to read new files if it's dynamically linked with
libpcap/WinPcap and a new version of libpcap/WinPcap is installed, or if
it's statically linked with them and is rebuilt with a new version of
libpcap/WinPcap (assuming that the file doesn't use any features of the
new format that can't be supported with the current libpcap/WinPcap APIs,
such as support for captures containing traffic from more than one
interface).