Wireshark · Ethereal-dev: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu

Ethereal-dev: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Ronnie Sahlberg" <ronnie_sahlberg@xxxxxxxxxxxxxx>

Date: Sun, 30 Nov 2003 12:30:29 +1100

In order to identify DCERPC protocols, we MUST remember the state associated
with the context identifier from
the previous DCERPC BIND call.

In order to recognize RTP we need to remember state from the H.245 protocol.

In order to recognize something as H.245 we must remember state from the
H.225 protocol.

In order to recognize that something is a ONC-RPC Reply (NFS etc) we must
remember state from the previous
matching ONCRPC Call.

If we dont track state it is not possible to dissect a large number of
protocols.

etc etc.

----- Original Message ----- 
From: "Blue Boar"
Sent: Sunday, November 30, 2003 9:20 AM
Subject: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu

> Guy Harris wrote:
> > Sometimes the state needed to dissect a packet doesn't come from other
> > packets in the same TCP segment, even if the protocol in question
> > happens to be running atop TCP (which, as per "Won't work for UDP, I
> > suppose", isn't necessarily the case).
>
> Strange.  Like what?  DNS names?
>
> BB
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev

References:
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Ulf Lamping
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Ronnie Sahlberg
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Guy Harris
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Ronnie Sahlberg
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Guy Harris
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Guy Harris
- Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
  - From: Blue Boar

Prev by Date: RE: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
Next by Date: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
Previous by thread: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
Next by thread: Re: [Ethereal-dev] Redesign of the WHOLE Ethereal main menu
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$