Hi Harris,
Just wanted to understand in what way these 2 (MS network monitor and Wireshark) differ??
I just noticed that wireshark uses winPcap where as the other uses NDIS.
Any more thoughts on this?? Is there any other hardware kind of dependencies present??
Purely as a matter of curiosity i am asking this question.
Thanks and regards
Krishnamurthy Mayya
On Sat, Mar 3, 2012 at 3:02 AM, Guy Harris
<guy@xxxxxxxxxxxx> wrote:
At
http://www.sonic.net/~gharris/paul-clifford.tiff
is a (570KB, so not attached) screenshot of a VMware Fusion Windows XP session with Network Monitor 3.4 open; I've added a comment to the currently-selected frame.
The UI is the default for NetMon - packet summary pane above two panes, one with packet details and one with the comments for the current frame. The Edit toolbar button pops up a window in which you can edit the comment; Next Comment and Previous Comment go through the list of comments.
(And, yes, the title of the comment does describe the contents of the comment, and, yes, I *did* make the entire contents of Edward Bulwer-Lytton's "Paul Clifford" be the description field of the comment - it's about a megabyte, so it's not going to fit into a pcap-NG comment. That's the second paragraph, by the way, and it rattles on for rather a long time after the infamous first clause....
The Description field in a NetMon comment is stored in RTF, so you can, at least, paste text with all sorts of fonts and paragraph types in it. It's not a required field, unlike the title, so you can just have a one-line comment in the title; the title is not rich text, it's just Unicode plain text.)
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
