[LEGO <luis.ontanon@xxxxxxxxx>]

On 3/8/06, Shepheard, Toby (London) <Toby_Shepheard@xxxxxx> wrote:
>
> I've had a dig around the wiki and the html documentation, but can't find
> the answers to a few questions around protocol support; I'm hoping someone
> here can help out.
>
> 1) Does anyone know if there's any support in ethereal for Tibco RV
> messages? I couldn't find it anywhere in the protocol lists, and at the
> moment can only view them as raw UDP messages

No support whatsoever.

> 2) How would I go about creating support for a new protocol, and how complex
> would this be given that it sits on top of UDP.

No specs available on what's on the packet so it's a reverse
engineering job. (I tried once, but not having but few packets
available could no realy figure out almost nothing.

I know that there is some variation of PGM over which transport is
built, but I had not enough info to  even figure out where the PGMlike
header stopped and where the marshalled data began.


The first thing needed to begin againg the reveng process is to have a
large set of  capturefiles and  the contemporary output of the RV
Snoop command with the most accurate timestamps possible. (maybe
placed in http://wiki.ethereal.com/Tibco )


--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan