On May 28, 2008, at 7:33 AM, Laden, Joshua wrote:
I’m using the following syntax on a HP-UX 11.23 Itanium server:
tcpdump -w /tmp/sanG.trace -s 1500 -n -i lan8 host x.x.x.x (there is
an actual IP here)
When I try to read the file using wireshark, I get the following
error:
The file "C:\Documents and Settings\eazuj6m\Desktop\sanG.trace" could
not be opened: Uncompression error: buffer error
Do you still have the file in /tmp/sanG.trace on the HP-UX machine?
If so, what does "file /tmp/sanG.trace" print?
If it doesn't print anything about it being compressed, copy the file
from the Windows machine to the HP-UX machine, and compare it with "/
tmp/sanG.trace" with the "cmp" command; if they're not equal,
something got damaged when you copied it. (How did you copy it from
the HP-UX machine to the Windows machine? If you used FTP, and you
didn't FTP it in binary mode, it *definitely* got damaged, and there's
no way to undo the damage.)