Wireshark · Wireshark-dev: [Wireshark-dev] Regarding EcDoRpc MAPI Request Subcontent Size Feld

Wireshark-dev: [Wireshark-dev] Regarding EcDoRpc MAPI Request Subcontent Size Feld

From: Soumitra Banerjee <banerjee.soumitra@xxxxxxxxx>

Date: Fri, 28 Aug 2009 11:01:18 +0530

Hi all,

I'm using Wireshark version 1.2.1 in Ubuntu 9.04 machine. I've taken some of the captures while communicating my organization's Exchange Server 2007. In all the captures for MAPI EcDoRpc Request packets, there is a chunk of data that is pointed out by a field SubContent Data Size, and the field after that Decrypted MAPI PDU that points to a different set of data outside the packet.
Does Decrypted MAPI PDU is the decrypted version of the subcontent field ? Kindly explain.

--
Thanks & Regards,
Soumitra

Prev by Date: Re: [Wireshark-dev] Fwd: MultiLanguage Support for Wireshark ????
Next by Date: Re: [Wireshark-dev] Fwd: MultiLanguage Support for Wireshark ????
Previous by thread: Re: [Wireshark-dev] Is there a way to get a tcp sequence number from my plugin?
Next by thread: Re: [Wireshark-dev] [Wireshark-commits] rev 29589: /trunk/ /trunk/: CMakeLists.txt
Index(es):
- Date
- Thread