Wireshark · Wireshark-users: [Wireshark-users] Regarding EcDoRpc MAPI Request Subcontent Size Feld

Wireshark-users: [Wireshark-users] Regarding EcDoRpc MAPI Request Subcontent Size Feld

From: Soumitra Banerjee <banerjee.soumitra@xxxxxxxxx>

Date: Fri, 28 Aug 2009 11:01:18 +0530

Hi all,

I'm using Wireshark version 1.2.1 in Ubuntu 9.04 machine. I've taken some of the captures while communicating my organization's Exchange Server 2007. In all the captures for MAPI EcDoRpc Request packets, there is a chunk of data that is pointed out by a field SubContent Data Size, and the field after that Decrypted MAPI PDU that points to a different set of data outside the packet.
Does Decrypted MAPI PDU is the decrypted version of the subcontent field ? Kindly explain.

--
Thanks & Regards,
Soumitra

Prev by Date: Re: [Wireshark-users] Nano Second Time format
Next by Date: [Wireshark-users] Understanding Wireshark / Sniffer Data
Previous by thread: Re: [Wireshark-users] Capture Filter not work for hub, seems like a bug?
Next by thread: [Wireshark-users] Understanding Wireshark / Sniffer Data
Index(es):
- Date
- Thread