Wireshark-users: Re: [Wireshark-users] Ethereal-users Digest, Vol 38, Issue 27
From: "Steve Devine" <heysteve989@xxxxxxxxx>
Date: Mon, 26 Jun 2006 10:13:33 -0700
Ok, so I re-did the screenshots which show how ethereal is set up (see my original e-mail below), basically after I stop the capture no data show in the capture screen, it's like there is a hidden display filter on or something. See attachements for settings.
Thanks
Steve
On Fri, Jun 23, 2006 at 01:56:42PM -0700, Steve Devine wrote:
> So I was capturing data for a bit and now all of the sudden nothing will
> show up in the data window after I stop the capture. I have the options
> checked for the data to scroll as it captures but all I see if the first
> packet. I have attached screen shots. I have tried capturing with and
> without a span session, rebooted, uninstalled and reinstalled, but nothing
> works. Using XP, on a Dell latitude, not going thru a hub. I was messing
> with display filters but I have hit the "clear " button several times. See
> attachment for ethereal settings.
> So I was capturing data for a bit and now all of the sudden nothing will
> show up in the data window after I stop the capture. I have the options
> checked for the data to scroll as it captures but all I see if the first
> packet. I have attached screen shots. I have tried capturing with and
> without a span session, rebooted, uninstalled and reinstalled, but nothing
> works. Using XP, on a Dell latitude, not going thru a hub. I was messing
> with display filters but I have hit the "clear " button several times. See
> attachment for ethereal settings.
On 6/25/06, ethereal-users-request@xxxxxxxxxxxx <
ethereal-users-request@xxxxxxxxxxxx> wrote:
Send Ethereal-users mailing list submissions to
ethereal-users@xxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://www.ethereal.com/mailman/listinfo/ethereal-users
or, via email, send a message with subject or body 'help' to
ethereal-users-request@xxxxxxxxxxxx
You can reach the person managing the list at
ethereal-users-owner@xxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Ethereal-users digest..."
Reply-To: Ethereal user support <ethereal-users@xxxxxxxxxxxx>
Today's Topics:
1. Can Ethereal decode properly Google Talk traffic? (Jerry Lam)
2. Re: Can Ethereal decode properly Google Talk traffic?
(authesserre samuel)
3. Re: Install Trouble (Joerg Mayer)
4. Re: Not seeing data (Joerg Mayer)
----------------------------------------------------------------------
Message: 1
Date: Sat, 24 Jun 2006 16:28:34 -0400
From: "Jerry Lam" < jlam@xxxxxxxxxxxx>
Subject: [Ethereal-users] Can Ethereal decode properly Google Talk
traffic?
To: <ethereal-users@xxxxxxxxxxxx>
Message-ID:
<F489AB573A749146B33461ECE080913A1A9B26@xxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I'm new to Ethereal and I'm new to packet sniffer :)
I tried to sniff google talk packets using ethereal. Ethereal decodes the capture as Jabber XML Messaging which is corrected. However, the XML that is attached with the packet is unreadable. Does google talk encrypted the message? Has anyone tried this in the community? Please shed some lights on this issue if you have an idea!
Thank you,
Jerry
------------------------------
Message: 2
Date: Sun, 25 Jun 2006 01:43:49 +0200
From: "authesserre samuel" <sauthess@xxxxxxxxx >
Subject: Re: [Ethereal-users] Can Ethereal decode properly Google Talk
traffic?
To: "Ethereal user support" <ethereal-users@xxxxxxxxxxxx >
Message-ID:
<9987fc7b0606241643h1de77c5fw64e5df4c2c267bd6@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
hi,
Google Talk is based on Jabber protocol that is supported by Ethereal.
In the web interface it's HTTP post that is used (so dissected by HTTP
dissector) but with other client TLS is needed so all is encrypted and
it's impossible to see data in clear text
the only possibility to see it in clear text is that google give us
the private key used .... (and they never do because TLS become
unuseful ;) )
so if your need was precisely on Google adaptation of jabber the
answer is no, else you could see jabber without encryption (but google
refuse this kind of authentification due to security)
PS : My answer is based on my personal test with Gaim and without
officiel client so it could be different .....
I wish my response satisfy you ;)
Samuel
On 6/24/06, Jerry Lam <jlam@xxxxxxxxxxxx> wrote:
> Hi,
>
> I'm new to Ethereal and I'm new to packet sniffer :)
>
> I tried to sniff google talk packets using ethereal. Ethereal decodes the capture as Jabber XML Messaging which is corrected. However, the XML that is attached with the packet is unreadable. Does google talk encrypted the message? Has anyone tried this in the community? Please shed some lights on this issue if you have an idea!
>
> Thank you,
>
> Jerry
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>
--
++++++++++++++++++++++++++
+ Authesserre Samuel +
+ 12 rue de la défense passive+
+ 14000 CAEN +
+ FRANCE +
+ 06-27-28-13-32 +
+ sauthess@xxxxxxxxx +
++++++++++++++++++++++++++
------------------------------
Message: 3
Date: Sun, 25 Jun 2006 14:34:22 +0200
From: Joerg Mayer <jmayer@xxxxxxxxx>
Subject: Re: [Ethereal-users] Install Trouble
To: Ethereal user support <ethereal-users@xxxxxxxxxxxx>
Cc: wireshark-users@xxxxxxxxxxxxx
Message-ID: < 20060625123422.GA14675@xxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=us-ascii
On Fri, Jun 23, 2006 at 07:44:58AM -0400, Marques A Crosby wrote:
> ../packet-wimax-mac.c: In function `dissect_cst_encodings':
> ../packet-wimax-mac.c:8015: warning: unused variable `n'
> ../packet-wimax-mac.c:8030: warning: unused variable `n'
> ../packet-wimax-mac.c :8055: warning: unused variable `n'
> ../packet-wimax-mac.c:8131: warning: unused variable `phsm_item'
> ../packet-wimax-mac.c: At top level:
> ../packet-wimax-mac.c:8162: error: conflicting types for
> 'dissect_sbc_common_enc
> odings'
> ../packet-wimax-mac.c:3914: error: previous implicit declaration of
> 'dissect_sbc
> _common_encodings' was here
> ../packet-wimax-mac.c:8207: error: conflicting types for
> 'dissect_reg_common_enc
> odings'
> ../packet-wimax-mac.c:3659: error: previous implicit declaration of
> 'dissect_reg
> _common_encodings' was here
Can you please forward this mail to wireshark-dev@xxxxxxxxxxxxx? We
moved development of ethereal over to wireshark.org (see the FAQ as to
why) and do no longer maintain the Ethereal sources, just the wireshark
ones.
thanks
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
------------------------------
Message: 4
Date: Sun, 25 Jun 2006 14:44:57 +0200
From: Joerg Mayer < jmayer@xxxxxxxxx>
Subject: Re: [Ethereal-users] Not seeing data
To: Ethereal user support <ethereal-users@xxxxxxxxxxxx>
Message-ID: < 20060625124457.GB14675@xxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=us-ascii
On Fri, Jun 23, 2006 at 01:56:42PM -0700, Steve Devine wrote:
> So I was capturing data for a bit and now all of the sudden nothing will
> show up in the data window after I stop the capture. I have the options
> checked for the data to scroll as it captures but all I see if the first
> packet. I have attached screen shots. I have tried capturing with and
> without a span session, rebooted, uninstalled and reinstalled, but nothing
> works. Using XP, on a Dell latitude, not going thru a hub. I was messing
> with display filters but I have hit the "clear " button several times. See
> attachment for ethereal settings.
There is only one file attached which seems to be a word document. Can
you please resend the pictures and attach them as gif oder jpegs
without embedding them into some proprietary format? When you resend the
mail, please send the mail also to wireshark-users@xxxxxxxxxxxxx, as
that is the place where the development of Wireshark/Ethereal continues.
Thanks
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
------------------------------
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
End of Ethereal-users Digest, Vol 38, Issue 27
**********************************************
Attachment:
Capture Options.jpg
Description: JPEG image
Attachment:
Data Capture.jpg
Description: JPEG image
Attachment:
Capture window after data capture.jpg
Description: JPEG image
- Follow-Ups:
- Re: [Wireshark-users] Ethereal-users Digest, Vol 38, Issue 27
- From: Jaap Keuter
- Re: [Wireshark-users] Ethereal-users Digest, Vol 38, Issue 27
- Prev by Date: [Wireshark-users] Compiling Error: collect2: ld returned 1 exit status
- Next by Date: Re: [Wireshark-users] Ethereal-users Digest, Vol 38, Issue 27
- Previous by thread: [Wireshark-users] Compiling Error: collect2: ld returned 1 exit status
- Next by thread: Re: [Wireshark-users] Ethereal-users Digest, Vol 38, Issue 27
- Index(es):
- Get Wireshark
- Download
- Code of Conduct