[e2e] A simple question about handling the dump files
sampad mishra
sampad_m at rediffmail.com
Thu Mar 2 05:19:00 PST 2006
On Thu, 02 Mar 2006 shaohe wrote:
> Could someone please give me some advice about handling the tcp dump files? I'm working on an analysis of the network traffic. However, under the Windows environment, I cannot find any useful tool to visualize or handle the dump files conveniently.

Have you tried Ethereal (multi-platform protocol analyzer) for Windows?
regards,
sampad mishra.
> Tcptrace, I know, is a common tool to analyze network traffic and takes dump files as input. Unfortunately, it seems that what tcptrace does is very different from what I want.
>
> Could somebody help me? Information related to the following topics would be valuable to me:
>
> First, how can I display the dump file in an understandable style, or transform the binary format of the original dump file into a friendlier format, such as text? (Note: under Windows OS.)
>
> Second, the output format of the dump file still confuses me. Do all records in the files have the same size in bytes? If so, what is the number of bytes?
>
> In addition, I want to read one record at a time, but how do I judge the end of a record if the lengths of records of different protocols (e.g. tcp, udp) are variable?
>
> Thanks very much!!
>
> Shaohe lv
> Mar. 02 2006
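The quoted question asks whether dump-file records have a fixed size and how to tell where one ends. As an added example (not part of the original messages), the reader below walks the classic libpcap file layout that tcpdump writes: a 24-byte file header, then per packet a 16-byte record header whose captured-length field gives the size of the bytes that follow. The function names and the two-packet sample capture are constructed for illustration, and length fields are bounds-checked because a capture file is untrusted input.

```python
import struct

# Magic number as it appears on disk -> struct byte-order prefix of the writer.
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}
GLOBAL_HDR_LEN = 24   # magic, version major/minor, thiszone, sigfigs, snaplen, linktype
RECORD_HDR_LEN = 16   # ts_sec, ts_usec, incl_len (bytes stored), orig_len (bytes on wire)


def read_records(data):
    """Return [(ts_sec, ts_usec, orig_len, packet_bytes), ...] from a classic pcap byte string."""
    if len(data) < GLOBAL_HDR_LEN:
        raise ValueError("truncated file header")
    endian = PCAP_MAGICS.get(data[:4])
    if endian is None:
        raise ValueError("not a classic libpcap capture")
    records, offset = [], GLOBAL_HDR_LEN
    while offset < len(data):
        if offset + RECORD_HDR_LEN > len(data):
            raise ValueError("truncated record header at offset %d" % offset)
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, offset)
        offset += RECORD_HDR_LEN
        # Records are variable-length: incl_len marks where this one ends.
        # Never trust it beyond the bytes actually present in the file.
        if offset + incl_len > len(data):
            raise ValueError("record claims %d bytes past end of file" % incl_len)
        records.append((ts_sec, ts_usec, orig_len, data[offset:offset + incl_len]))
        offset += incl_len
    return records


def build_sample():
    """Constructed little-endian capture holding two packets of different sizes."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    packets = [b"\x00" * 60, b"\x11" * 1514]   # placeholder payloads, not real frames
    body = b"".join(
        struct.pack("<IIII", 1141305540 + i, 0, len(p), len(p)) + p
        for i, p in enumerate(packets)
    )
    return header + body


if __name__ == "__main__":
    for ts_sec, ts_usec, orig_len, pkt in read_records(build_sample()):
        print("%d.%06d captured=%d wire=%d" % (ts_sec, ts_usec, len(pkt), orig_len))
```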