Wireshark · Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Ethereal-dev: Re: [Ethereal-dev] Bug in compressed sniffer file decode

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gilbert Ramirez <gram@xxxxxxxxxxxxxxx>

Date: Fri, 05 Sep 2003 19:55:53 -0000

On Fri, 2003-09-05 at 14:23, Guy Harris wrote:
> 
> On Sep 3, 2003, at 2:35 PM, Gilbert Ramirez wrote:
> 
> > \If you do this:
> >
> > gzip -dc < Snif6.caz > Snif6.cap
> >
> > then load Snif6.cap in ethereal, all 250 packets appear to be there,
> > *and* match the dissection of Snif6.caz (before it goes bad, that is).
> 
> What happens if you then do
> 
> 	gzip Snif6.cap
> 	mv Snif6.cap.gz Snif6.caz (on UNIX) or ren Snif6.cap.gz Snif6.caz (on 
> Windows)
> 
> and try to read the resulting .caz file in a Sniffer?
> 
> If it works, presumably that means the Sniffer doesn't check the 
> CRC-32.  If it doesn't work, presumably that means that the Sniffer is 
> using some other CRC-32 algorithm.
> 
> 


I don't have access to NAI Sniffer. Greg? Anyone?

--gilbert

References:
- [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Greg Morris
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Gilbert Ramirez
- Re: [Ethereal-dev] Bug in compressed sniffer file decode
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by Date: Re: [Ethereal-dev] Bugfix to packet-mtp3, Segmentation fault.
Previous by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Next by thread: Re: [Ethereal-dev] Bug in compressed sniffer file decode
Index(es):
- Date
- Thread