|
I just tried to read a trace created with Microsoft
Network Monitor version 3.3 using Wireshark version 1.4. All the frames have a
Protocol of UNKNOWN and Info of "WTAP_ENCAP = 0". The first two frames appear to
be Unicode text but starting with frame 3 the hex dump shows it to be an IP
packet.
"Decode As" is grayed out so I can't even force a decode.
Any idea how I can read this trace?
Noah Davids
=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Serendipity
is a function of bandwidth
If you are not the intended recipient of this E-mail it
would be nice if you deleted it and notified me that you received it
incorrectly. On the other hand, E-mail in an insecure mechanism; nothing in this
E-mail can be considered confidential. I have no doubts that copies of this
E-mail have been archived by my ISP, your ISP and probably the FBI, CIA and NSA.
I suspect that Interpol, MI-6, SVR (think KGB) and MSS (Chinese) will have
copies shortly, the NSIS (Kenya) will have it by the end of the
week.
|