Wireshark
the world's foremost network protocol analyzer
Wireshark-users: [Wireshark-users] Problem Decoding TCP Port 8080 as HTTP
From: "Feeny, Michael \(GWM-CAI\)" <michael_feeny@xxxxxx>
Date: Wed, 4 Jun 2008 19:08:38 -0400
Title: Difficulties decrypting SSL
Hello,
I'm using Wireshark 1.0.0, and inspecting TCP Port 8080
traffic (HTTP going through a Proxy Server). When I first read the trace
file into Wireshark, it does not decode the 8080 traffic as HTTP - simply as
TCP. This in itself surprises me, since I have seen Wireshark
automatically decode 8080 traffic as HTTP on other occasions. (Perhaps one
of my Preferences is to blame for this.)
So, I try to use "Decode As", specifying TCP Port 8080
traffic to be decoded as HTTP, and Wireshark crashes. (By "crash" I
mean: I get a Message box saying, "Wireshark has encountered a problem and
needs to close...")
I
looked in the 1.0.0 Release Notes, and I saw that some "Decode As" problems
had been FIXED by 1.0.0, but I saw no mention of existing, "known" problems with
Decode As.
Any
help / suggestions are appreciated.
(Below
is the text from "Help/About", in case it's helpful.)
MFeeny
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Version 1.0.0
Copyright 1998-2008 Gerald Combs
<gerald@xxxxxxxxxxxxx> and
contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.12.8, with GLib
2.14.6, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.5,
with ADNS, with Lua 5.1, with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.5,
with ADNS, with Lua 5.1, with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.
Running on Windows XP Service Pack 2,
build 2600, with WinPcap version 3.1
(packet.dll version 3, 1, 0, 27), based on libpcap version 0.9[.x], without
AirPcap.
(packet.dll version 3, 1, 0, 27), based on libpcap version 0.9[.x], without
AirPcap.
Built using Microsoft Visual C++ 6.0
build 8804
Wireshark is Open Source Software
released under the GNU General Public License.
Check the man page and http://www.wireshark.org for more
information.
This message w/attachments (message) may be privileged, confidential or proprietary, and if you are not an intended recipient, please notify the sender, do not use or share it and delete it. Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Merrill Lynch. Subject to applicable law, Merrill Lynch may monitor, review and retain e-communications (EC) traveling through its networks/systems. The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or error-free. This message is subject to terms available at the following link: http://www.ml.com/e-communications_terms/. By messaging with Merrill Lynch you consent to the foregoing.
- Follow-Ups:
- Re: [Wireshark-users] Problem Decoding TCP Port 8080 as HTTP
- From: Stephen Fisher
- Re: [Wireshark-users] Problem Decoding TCP Port 8080 as HTTP
- Prev by Date: Re: [Wireshark-users] Problem running Wireshark in HP UX[/dev/urandom problem]
- Next by Date: Re: [Wireshark-users] How can get more than 1024 files with tshark ringbuffer?
- Previous by thread: Re: [Wireshark-users] How can get more than 1024 files with tsharkringbuffer?
- Next by thread: Re: [Wireshark-users] Problem Decoding TCP Port 8080 as HTTP
- Index(es):