Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 1744] TDS Packet Decode ?

Date: Tue, 14 Aug 2007 19:30:51 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1744





------- Comment #1 from wmeier@xxxxxxxxxxx  2007-08-14 19:30 GMT -------
If I'm reading your report correctly, the issue being reported is about
Wireshark decoding non-TDS packets as TDS.

Wireshark uses a number of approaches towards identifying the packet type: port
number tests and etc and also 'heuristic' tests: does the data look like a
particular protocol.

It's been noted previously that the TDS heuristic test is a bit weak and should
be improved.

In any case, the work-around is to disable the TDS decode under
 Analyze ! Enabled Protocols.

(When I'm using Wireshark my tendency is to disable most of the protocol
decodes leaving only the ones I'm interested in so that I don't get confused by
by 'false positives').


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.