Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
From: Stig Bjørlykke <stig.bjorlykke@xxxxxxxxx>
Date: Mon, 2 Apr 2007 17:51:40 +0200
Den 2. apr. 2007 kl. 17.18 skrev Joerg Mayer:
On Mon, Apr 02, 2007 at 03:56:59PM +0200, Stig Bj?rlykke wrote:2. When connected to a wep encrypted network the data package is marked as protected but the data part is not encrypted and the content is not dissected. Is this be because the mac os driver has decrypted the data before they are captured with wireshark? In this case I think the data should be dissected. See the attached capture ieee80211-wep.pcap, with a IPP package which is not dissected.IIRC, that is configureable as well. Ignore the protection bit.
This does not work as expected, because dissection of the "WEP parameters" are omitted and the dissection of LLC starts too early.
-- Stig Bjørlykke
- Follow-Ups:
- Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- From: Joerg Mayer
- Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- References:
- [Wireshark-dev] Questions about IEEE 802.11 dissector
- From: Stig Bjørlykke
- Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- From: Joerg Mayer
- [Wireshark-dev] Questions about IEEE 802.11 dissector
- Prev by Date: Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- Next by Date: Re: [Wireshark-dev] Update official Windows build?
- Previous by thread: Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- Next by thread: Re: [Wireshark-dev] Questions about IEEE 802.11 dissector
- Index(es):