Wireshark · Wireshark-users: Re: [Wireshark-users] Analyzing tcpdump file differs from OSX to Windows

Wireshark-users: Re: [Wireshark-users] Analyzing tcpdump file differs from OSX to Windows

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>

Date: Wed, 29 Sep 2010 09:07:14 +0200

On 09/29/2010 02:38 AM, jACK cRASH wrote:

I am in a Networking class and my lab partner and I are both using wireshark to look at a tcpdump file created on a linux machine.

He is using Windows XP wireshark and I am using Snow Leopard Wireshark and today we were looking at the same file and wireshark was displaying the information for a pack differently between the two OSs, the time stamp was the same and the binary info at the bottom was the same.

Why is this.

Thank you for your time.

Jack

Hi,

Diff your configuration files and see what pops out. Differences will probablybe in the areas you see differences in presentation.Also you should run stable releases, like 1.2.11, or 1.4.0. If you're runningthe development releases 1.5.0-SVN- better make sure the subversion revisionnumbers match. It may make a big difference too. Then there's the buildconfigurations; the 32 and 64 bit versions aren't equipped equally.


Thanks,
Jaap

References:
- [Wireshark-users] Analyzing tcpdump file differs from OSX to Windows
  - From: jACK cRASH

Prev by Date: Re: [Wireshark-users] Scripts for filtering a directory file captures to only include specific Subnet packets in new files in a new directory
Next by Date: [Wireshark-users] Display filter for TCP reserved field
Previous by thread: Re: [Wireshark-users] Analyzing tcpdump file differs from OSX to Windows
Next by thread: [Wireshark-users] Display filter for TCP reserved field
Index(es):
- Date
- Thread