>Does anybody know whether
>
> there's public Cisco documentation for the layout of
> protocols such as DISL, VTP, CDP (for which we have a partial
> dissector based on looking at packets and reading an Internet
> draft for a CDP-derived protocol), and so on
There was documentation for ISL on Cisco's site at one time. ISL (which I
assume DISL is a variant of) is basically their proprietary solution for
VLAN encapsulation, it predates the 802.1q stuff that Ethereal already
handles.
ISL spec here:
http://www.cisco.com/warp/public/741/4.html
I had a link that looked like the spec for VTP but it appears to be gone.
Here is some general info on VTP:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_4_5/config/v
tp.htm
As for non-public docs that the analyzer vendors get access to....this DOES
occasionally happen. For instance the NCC Lanalyzer (and later Lanalyzer
for Windows) always did a better job of decoding the Novell protocols
because they had access to internal docs through a relationship with Novell.
However I think some of the analyzer vendors simply reverse-engineer the
packet formats. Often this is not difficult at all, especially if you have
some technical docs that describe the features of the protocol.
=====================================
Tim Farley
Software Engineer
tfarley@xxxxxxx
Internet Security Systems, Inc.
(678) 443-6000 / Direct Dial (678) 443-6189 / fax (678) 443-6479
http://www.iss.net
Adaptive Network Security for the Enterprise
=====================================
