Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10556] Wireshark can't open netmon files from Microsoft Message Analyzer using

Wireshark-bugs: [Wireshark-bugs] [Bug 10556] Wireshark can't open netmon files from Microsoft Me

Date: Fri, 10 Oct 2014 11:15:33 +0000

What	Removed	Added
CC		[email protected]

Comment # 4 on bug 10556 from Evan Huus

(In reply to Francesco Pretto from comment #3)
> The particularity of this dump is that it's taken using the "Network Tunnel
> Traffic and Unencrypted IPSE" profile of Microsoft Message Analyzer. From my
> understanding, it's a dumping scenario where the packets are the ones
> circulating in tunneled networks like PPP and or VPN links and that are
> effectively filtered by the firewall (inbound/outbound), so they are
> unencrypted. I guess in the *.cap file all these IP packets are encapsulated
> in "virtual" link-layer frames.
> 
> I'm not sure this information is sufficient. If you give me an hint I can
> try to formulate a request to Microsoft Message Analyzer devs (which is new
> and under heavy development).

- "What is the format of the virtual link-layer frames?"
- "Can we assume this format for all MMA files with this media type?"

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 10556] New: Wireshark can't open cap file from Microsoft Message Analyzer
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10556] Wireshark can't open netmon files from Microsoft Message Analyzer using non-standard "reserved for pcap" media types
Next by Date: [Wireshark-bugs] [Bug 10532] E-LMI and Full status
Previous by thread: [Wireshark-bugs] [Bug 10556] Wireshark can't open netmon files from Microsoft Message Analyzer using non-standard "reserved for pcap" media types
Next by thread: [Wireshark-bugs] [Bug 10556] Wireshark can't open netmon files from Microsoft Message Analyzer using non-standard "reserved for pcap" media types
Index(es):
- Date
- Thread