Wireshark · Wireshark-users: [Wireshark-users] Decrypt Sample Captures files.

Wireshark-users: [Wireshark-users] Decrypt Sample Captures files.

From: "Gigel Dumitriu" <Gigel.Dumitriu@xxxxxxxxx>

Date: Wed, 25 Apr 2007 16:13:21 +1000

Hello,

I've installed Wireshark 0.99.5 on Windows XP pro and I've tried to see how kerberos decryption works using the SampleCaptures files from http://wiki.wireshark.org/Kerberos.

I've set the KRB5 protocol preferences to "Try to decrypt kerberos blobs" and I've specified the "Kerberos tab file" with the one supplied in the corresponding example then I've uploaded the .cap file.

The result was that I didn't get any "decrypt" information in any of those examples ("krb-816", "kerberos-Delegation", "constrained-delegation") - the original .cap file remained unchanged.

In fact even when I've set as keytab file a non-existent file, "Wireshark" loaded the .cap file happily without any 'File not found' errors.

Does anybody else had the same experience? Any help will be much appreciated.

Thanks.

Prev by Date: Re: [Wireshark-users] bad handling of DHCP option 90?
Next by Date: [Wireshark-users] Default Interface
Previous by thread: Re: [Wireshark-users] Assembling of fragmented IP protocol packets
Next by thread: [Wireshark-users] Default Interface
Index(es):
- Date
- Thread