Ethereal-dev: [Ethereal-dev] Re: format string in ssl dump

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Wed, 13 Dec 2000 02:24:40 +0100

On Tue, Dec 12, 2000 at 08:47:22AM +0000, Matthew Franz wrote:
> I've found SSLdump to be a lot more stable if you capture with tcpdump -w
> and analyze it non real-time. Eric Rescorla's book (SSL and TLS: Designing
> and Building Secure Systems) is an excellent treatment of the
> topic, though..
> 
> The same caution applies to Ethereal (both to the GTK version and
> tethereal) which IMHO segfaults so frequently as to make it nearly useless
> for real-time capture, particularly for looking at bogus packets.
> 
> A variety of malformed DNS and ISAKMP packets easily crash it. Tcpdump is
> significantly more robust and probably the safest choice for traffic
> capture, especially if you're analyzing malformed packets.

Matthew,

which version of Ethereal are you referring to with your statement? Also
sample packets or traces that demonstrate the problem would be most
welcome. Thanks for your help.

  Joerg

-- 
Joerg Mayer                                          <jmayer@xxxxxxxxx>
I found out that "pro" means "instead of" (as in proconsul). Now I know
what proactive means.