[e2e] A simple question about handling the dump files
Zhani Mohamed Faten
zhani_med_faten at yahoo.fr
Thu Mar 2 07:00:55 PST 2006
Hi
Here you have more traces captured with tcpdump and some software to use to get a friendlier format and to look at the traffic graphically.
http://ita.ee.lbl.gov/index.html
http://ita.ee.lbl.gov/html/traces.html
http://ita.ee.lbl.gov/html/software.html
As for other tools like Ethereal, it is a nice tool, but the processing time for the data, especially when analysing a huge quantity of traffic, is very long.
tcptrace is a very good tool and you can read more about the existing modules; I think you'll find the analysis that you need.
For a Windows or Linux environment, it's better to use Linux since the original versions of these tools were developed for Linux, but you can still install Cygwin under Windows and use Linux programs there, even with a graphical interface.
What are you interested in exactly?
Any questions are welcome,
Regards
Zhani Mohamed Faten
sampad mishra <sampad_m at rediffmail.com> wrote:
On Thu, 02 Mar 2006 shaohe wrote:
> Could someone please give me some advice about handling the tcp dump files? I'm working on an analysis of the network traffic. However, under the Windows environment, I cannot find any useful tool to visualize or handle the dump files conveniently.
Have you tried Ethereal (multi-platform protocol analyzer) for Windows....
regards,
sampad mishra.
> Tcptrace, I know, is a common tool to analyze network traffic and takes dump files as input. Unfortunately, it seems that what tcptrace does is very different from what I want.
>
> Could somebody help me? Information related to the following topics is valuable to me:
>
> First, how can I display the dump file in an understandable style, or transform the binary format of the original dump file into a friendlier format, such as a text format etc. (note: under Windows OS)?
>
> Second, the output format of the dump file still confuses me. Do all records in the files have the same size in bytes? If so, what is the number of bytes?
>
> In addition, I want to read one record at a time, but how do I judge the end of a record if the lengths of records of different protocols (e.g. tcp, udp) are variable?
>
> Thanks very much!!
> Shaohe lv
> Mar. 02 2006
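The quoted question asks whether records in a tcpdump file have a fixed size and how to find the end of each one. As an added example (not part of any message in this thread), the sketch below reads the classic libpcap file layout: one 24-byte file header, then for each packet a 16-byte record header whose `incl_len` field gives the number of data bytes that follow. The function names, the `MAX_RECORD` bound and the sample bytes are assumptions made for this example; the newer pcapng format is not handled.

```python
import io
import struct

PCAP_MAGIC = 0xA1B2C3D4   # classic libpcap file with microsecond timestamps
MAX_RECORD = 262144       # sanity bound chosen for this example

def read_pcap_records(stream):
    """Yield (ts_sec, ts_usec, orig_len, data) for each record in a classic pcap stream."""
    global_header = stream.read(24)   # fixed-size file header, present once
    if len(global_header) < 24:
        raise ValueError("truncated global header")
    # The magic number reveals the byte order of the host that wrote the file.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", global_header[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic pcap file")
    while True:
        record_header = stream.read(16)   # fixed-size per-record header
        if not record_header:
            return                        # clean end of file
        if len(record_header) < 16:
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(endian + "IIII", record_header)
        # incl_len comes from the file, so bound it before reading an untrusted capture.
        if incl_len > MAX_RECORD:
            raise ValueError("implausible record length %d" % incl_len)
        data = stream.read(incl_len)      # the record ends exactly incl_len bytes later
        if len(data) < incl_len:
            raise ValueError("truncated packet data")
        yield ts_sec, ts_usec, orig_len, data

def build_sample():
    """Constructed sample: little-endian pcap holding two dummy frames of 60 and 1514 bytes."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    frames = [b"\x00" * 60, b"\x11" * 1514]
    body = b"".join(
        struct.pack("<IIII", 1141311655 + i, 0, len(f), len(f)) + f
        for i, f in enumerate(frames)
    )
    return header + body

if __name__ == "__main__":
    for ts_sec, ts_usec, orig_len, data in read_pcap_records(io.BytesIO(build_sample())):
        print(ts_sec, ts_usec, orig_len, len(data))
```

To read a real capture, pass a file opened in binary mode (`open(path, "rb")`) instead of the in-memory sample.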