Wireshark-users: Re: [Wireshark-users] Dicom...

From: <Tim.Poth@xxxxxxxxxxx>
Date: Mon, 1 Feb 2010 14:54:20 -0500

You could put in the filter bar
Dicom
Or you could put
Tcp.port eq 4105
Or whatever the port number is. If dicom is udp it would be udp.port (don't know the protocol)
Im sure there are other options but that's what my first thoughts are.
Thanks
tim

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Brian OBrien
Sent: Monday, February 01, 2010 2:48 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Dicom...

How do I filter DICOM activity between two hosts?

Tim.Poth@xxxxxxxxxxx wrote:
> Right click on a packet and select decode as, choice the port number / 
> protocol you would like Thanks tim
>
> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx 
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Brian 
> OBrien
> Sent: Monday, February 01, 2010 2:24 PM
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: [Wireshark-users] Dicom...
>
> I'm trying to analyze an issue with the dicom protocol.
> The dicom server I'm tyring to analyze is running on port 4105... Not the standard port 104.
> I see packets but they are being treated as shofarplayer packets...
> How do I display them as DICOM messages?
> I am running WireShark 1.2.5 on Mac OS X 10.5
>
>  
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>              
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>   


-- 

  'Brian O'Brien.

  'Seaman Family MR Research Center.

  'PACS System Manager.

https://me.vonage.com/bjobrien