
Ethereal-dev: [Ethereal-dev] Re: [Ethereal-cvs] cvs commit: ethereal packet-rpc.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Ronnie Sahlberg" <ronnie_sahlberg@xxxxxxxxxxxxxx>
Date: Fri, 18 Jul 2003 22:46:56 +1000
----- Original Message -----
From: "Guy Harris"
Sent: Friday, July 18, 2003 9:08 AM
Subject: [Ethereal-cvs] cvs commit: ethereal packet-rpc.c


> guy         2003/07/17 18:08:52 CDT
>
>   Modified files:
>     .                    packet-rpc.c
>   Log:
>   Put in a note about the call heuristics.

I think something that might be good enough and which would not generate too many false positives is
if the portmapper dissector was modified to parse commands such as GETPORT, DUMP etc
and teach the rpc dissector that those ip/port combos do carry onc-rpc even though the actual application protocol might be unknown.

Then change the rpc dissector to allow it to dissect the rpc layer for these protocols even if the actual app layer is unknown.
It would be nice as well to make DecodeAs... work as well and decode the rpc layer for these protocols.


I have planned to do this for a long long time but never had time.
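
The idea in the message above, as an added sketch that is not part of the original post and is not Ethereal code: learn ip/port combos from the XDR bodies of portmap v2 GETPORT and DUMP replies so that the RPC layer can be decoded on those endpoints even when the program is unknown. The class name, method names, addresses and sample bytes are assumptions constructed for illustration; the wire layout follows RFC 1833.

```python
import struct

IPPROTO = {6: "tcp", 17: "udp"}   # prot field values in a portmap mapping

class RpcEndpointTable:
    """Hypothetical helper: endpoints learned from portmap v2 replies (RFC 1833)."""

    def __init__(self):
        self.endpoints = {}   # (server_ip, transport, port) -> (program, version)
        self.pending = {}     # (server_ip, xid) -> (program, version, prot)

    def _learn(self, ip, prog, vers, prot, port):
        if port and prot in IPPROTO:          # port 0 means "not registered"
            self.endpoints[(ip, IPPROTO[prot], port)] = (prog, vers)

    def getport_call(self, server_ip, xid, args):
        # GETPORT (procedure 3) arguments: mapping {prog, vers, prot, port}
        if len(args) >= 16:
            prog, vers, prot, _ = struct.unpack(">4I", args[:16])
            self.pending[(server_ip, xid)] = (prog, vers, prot)

    def getport_reply(self, server_ip, xid, result):
        # The reply carries only the port, so it must be matched to its call by XID
        call = self.pending.pop((server_ip, xid), None)
        if call is not None and len(result) >= 4:
            self._learn(server_ip, *call, struct.unpack(">I", result[:4])[0])

    def dump_reply(self, server_ip, result):
        # DUMP (procedure 4) result: XDR list, (1, mapping) repeated, then 0
        off = 0
        while off + 4 <= len(result):
            (more,) = struct.unpack_from(">I", result, off)
            if not more or off + 20 > len(result):   # end of list or truncated
                break
            self._learn(server_ip, *struct.unpack_from(">4I", result, off + 4))
            off += 20

    def carries_rpc(self, ip, transport, port):
        return (ip, transport, port) in self.endpoints

def demo():
    # Constructed DUMP reply: NFS on tcp/2049 and an unknown program on udp/40001
    body = struct.pack(">5I", 1, 100003, 3, 6, 2049)
    body += struct.pack(">5I", 1, 0x20000001, 1, 17, 40001) + struct.pack(">I", 0)
    table = RpcEndpointTable()
    table.dump_reply("192.0.2.10", body)
    return table

if __name__ == "__main__":
    print(sorted(demo().endpoints.items()))
```

Because entries are keyed on the server address as well as the port, a mapping learned from one host does not cause the same port on another host to be treated as ONC-RPC.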