On Thu, Sep 01, 2011 at 02:44:25PM +0530, samarjit das wrote:
> I have taken sniffer capture at both ends(source & destination) of
> communication but how can I track a single packet at both sides of
> capture. Is there any unique # tagged into the packet from which it
> can be identified that this is the packet reaching the destination
> side capture which was sent by source.
Some dissectors, such as frame and data, have a preference to generate
an MD5 hash of the payload. As others have stated, this will usually
change for things like the frame dissector as headers are added and
stripped at different layers. The data dissector's MD5 hash should
remain the same on both sides, but usually you won't see the data
dissector showing up. Disabling all higher level protocols (higher than
the layers which changes are typically made: layers 2 - 4 of the OSI
model) will cause the data dissector to show up. Then change its
preference to check mark the "Generate MD5 hash" option.
