Wireshark · Ethereal-users: [Ethereal-users] Using snoop with Ethereal

["Schlabach, Torsten" <Torsten.Schlabach@xxxxxxxxxxxxx>]

Dear All,

I am trying something that should be simple but I cannot make this work. This is what we want to achive:

- We do have a Solaris Box on which we want to use snoop (the Solaris equivalent of tcpdump as I understand) to capture traffic to a file.

- The snoop file will be transferred to a Windows NT box running Ethereal.

Ethereal just refuses to open the snoop file saying that the file was not in a format that Ethereal understands.

I have tried to look at the sample from the Ethereal Website (www.ethereal.com/samples, 3.) I can open that file on my PC without any problem, but I cannot open it in a text editor to compare it to the snoop file that I produced because it is somehow compressed. Just all decompression utilities I know about (uncompress, unzip, gunzip) cannot expand this.

So any hints as to

- what options to use on snoop
- how to make the sample from the website readable

would be wonderful.

Alternatively maybe someone can supply a readable (non-compressed) snoop file as an example.

Kind regards,
Torsten Schlabach
T-Systems CSM GmbH, Münster