Wireshark · Ethereal-users: RE: [Ethereal-users] Has anyone on this list used the ANASIL network sniffer product? Can Ethereal

Ethereal-users: RE: [Ethereal-users] Has anyone on this list used the ANASIL network sniffer pro

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "David DuPre'" <david@xxxxxxxxxxxxxxxx>

Date: Wed, 1 May 2002 16:13:51 -0400

Guy,
  I did read the list of supported file types long ago, and even again
before sending my email. I was surprised that this group used this other
tool instead of a normal sniffer from NAI, or Ethereal.  

  They didn't ask me before the capture, if they would have then I
certainly would have recommended they use Ethereal because it is always
my first choice.  I love it!

David

David DuPre'  

-----Original Message-----
From: Guy Harris [mailto:guy@xxxxxxxxxx] 
Sent: Wednesday, May 01, 2002 3:41 PM
To: David DuPre'
Cc: ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] Has anyone on this list used the ANASIL
network sniffer product? Can Ethereal read it's trace files?

On Wed, May 01, 2002 at 03:32:23PM -0400, David DuPre' wrote:
> I am not sure why they didn't use Ethereal for the task, but now I am
> wondering if there is some way for Ethereal to read the binary file
> created by Anasil...

Only if it uses the same capture file format as one Ethereal already
reads; when it comes to capture file formats, "what you see in the man
page is what you get", i.e. the list of capture file formats in the
Ethereal man page is exhaustive, and files other than that can be read
only if the supplier of the capture program/device chose to use one of
the formats described therein.

You might try reading it, to see if they *did* choose a format that
Ethereal already supports (but I wouldn't be surprised to find that they
didn't choose a format Ethereal already supports).

If Ethereal currently can't read it, the only way it'll ever be able to
read it would be if

	1) information on the capture file format were made available to
	   Ethereal developers (and they had time to develop code to
	   read it);

	2) somebody who has the information contributes code to read
	   those files;

	3) capture files *AND* detailed descriptions of the captured
	   data (e.g. frame lengths, time stamps, and detailed analyses
	   of the packet contents) were made available to Ethereal
	   developers for reverse-engineering purposes (that'd require
	   even *more* time, and there's no guarantee it'd succeed).

References:
- Re: [Ethereal-users] Has anyone on this list used the ANASIL network sniffer product? Can Ethereal read it's trace files?
  - From: Guy Harris

Prev by Date: Re: [Ethereal-users] Has anyone on this list used the ANASIL network sniffer product? Can Ethereal read it's trace files?
Next by Date: [Ethereal-users] (no subject)
Previous by thread: Re: [Ethereal-users] Has anyone on this list used the ANASIL network sniffer product? Can Ethereal read it's trace files?
Next by thread: [Ethereal-users] Brodcasts and Multicasts total packests and frames count
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$