Wireshark · Ethereal-users: Re: [Ethereal-users] Packet Timestamp

Ethereal-users: Re: [Ethereal-users] Packet Timestamp

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Kevin Johnson <kjohnson@xxxxxxxxxxxxxxx>

Date: Sun, 27 Feb 2005 10:00:22 -0500

On Sat, 2005-02-26 at 17:10, Richard Olson wrote:
> I have been looking at a trace file in Ethereal that was created by Sniffer 
> Pro. It looks like the  packet times differ by 40 minutes in 
> Ethereal(Ethereal packet time is 40 minutes earlier than the time of the 
> same packet in Sniffer Pro). I downloaded Netasyst and looked at the same 
> trace file and the packet times are the same as in Sniffer Pro. The capture 
> file is a compressed(caz) file. I also noticed that I can't use filters on 
> this file. I must first load the file(.caz) and then save it as .cap file 
> and then load the .cap file.

Hi-

What version of Ethereal are you using?   There is a patch in 0.10.9
that fixed some of the time stamp issues with Sniffer Pro.

Kevin
-------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: [Ethereal-users] Packet Timestamp
  - From: Hansang Bae
- Re: [Ethereal-users] Packet Timestamp
  - From: Richard Olson

References:
- [Ethereal-users] Packet Timestamp
  - From: Richard Olson

Prev by Date: Re: [Ethereal-users] Problems on OS x 10.3.8
Next by Date: Re: [Ethereal-users] Packet Timestamp
Previous by thread: [Ethereal-users] Packet Timestamp
Next by thread: Re: [Ethereal-users] Packet Timestamp
Index(es):
- Date
- Thread