Wireshark-users: Re: [Wireshark-users] I am not decode the Nbap and sscop messages.
Date: 06-Aug-2007 16:57:35 ZE5B



Hi,

This packet contain the Nbap message but Wireshark does not decode this
message (I Enable all the protocols through "Enables protocols" option).

Please tell me the reason.

No.     Time        Source                Destination           Protocol
Info
 166785 83.426705   192.168.255.16        192.168.255.143       UDP
Source port: 9013  Destination port: 9013

Frame 166785 (78 bytes on wire, 78 bytes captured)
    Arrival Time: Aug  6, 2007 11:44:58.239002000
    [Time delta from previous packet: 0.032667000 seconds]
    [Time since reference or first frame: 83.426705000 seconds]
    Frame Number: 166785
    Packet Length: 78 bytes
    Capture Length: 78 bytes
    [Frame is marked: True]
    [Protocols in frame: eth:ip:udp:data]
Ethernet II, Src: HewlettP_a7:ee:52 (00:0e:7f:a7:ee:52), Dst:
Intel_c3:4b:b0 (00:0e:0c:c3:4b:b0)
    Destination: Intel_c3:4b:b0 (00:0e:0c:c3:4b:b0)
        Address: Intel_c3:4b:b0 (00:0e:0c:c3:4b:b0)
        .... ...0 .... .... .... .... = IG bit: Individual address
(unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Source: HewlettP_a7:ee:52 (00:0e:7f:a7:ee:52)
        Address: HewlettP_a7:ee:52 (00:0e:7f:a7:ee:52)
        .... ...0 .... .... .... .... = IG bit: Individual address
(unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 192.168.255.16 (192.168.255.16), Dst:
192.168.255.143 (192.168.255.143)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 64
    Identification: 0x0000 (0)
    Flags: 0x04 (Don't Fragment)
        0... = Reserved bit: Not set
        .1.. = Don't fragment: Set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: UDP (0x11)
    Header checksum: 0xbabb [correct]
        [Good: True]
        [Bad : False]
    Source: 192.168.255.16 (192.168.255.16)
    Destination: 192.168.255.143 (192.168.255.143)
User Datagram Protocol, Src Port: 9013 (9013), Dst Port: 9013 (9013)
    Source port: 9013 (9013)
    Destination port: 9013 (9013)
    Length: 44
    Checksum: 0xcd18 [correct]
        [Good Checksum: True]
        [Bad Checksum: False]
Data (36 bytes)

0000  00 24 4a 00 01 17 00 00 00 00 02 58 40 0f 10 00   .$J........X@...
0010  01 40 00 0a 00 00 64 14 08 01 19 02 80 00 00 00   .@....d.........
0020  c8 00 00 1c



Thanks & Regards,
Vaibhav


                                                                           
             "Luis EG Ontanon"                                             
             <luis.ontanon@gma                                             
             il.com>                                                    To 
             Sent by:                  "Community support list for         
             wireshark-users-b         Wireshark"                          
             ounces@wireshark.         <wireshark-users@xxxxxxxxxxxxx>     
             org                                                        cc 
                                                                           
                                                                   Subject 
             08/06/2007 04:35          Re: [Wireshark-users] I am not      
             PM                        decode the Nbap and sscop messages. 
                                                                           
                                                                           
             Please respond to                                             
             Community support                                             
                 list for                                                  
                 Wireshark                                                 
             <wireshark-users@                                             
              wireshark.org>                                               
                                                                           
                                                                           




Which kind of file are you using?

On 06-Aug-2007 16:25:13 ZE5B, vaibhav.agarwal@xxxxxxxxxxx
<vaibhav.agarwal@xxxxxxxxxxx> wrote:
>
>
>
>
>
> Hi,
>
> I am using wireshark version 0.99.5,
> But I donot decode sscop and Nbap layer messages.
>
> please tell what is the procedure how to decode these layer messages.
>
>
> Thanks & Regards,
> Vaibhav
>
> ***********************  Aricent-Unclassified   ***********************
>
> "DISCLAIMER: This message is proprietary to Aricent  and is intended
solely
> for the use of
> the individual to whom it is addressed. It may contain privileged or
> confidential information and should not be
> circulated or used for any purpose other than for what it is intended. If
> you have received this message in error,
> please notify the originator immediately. If you are not the intended
> recipient, you are notified that you are strictly
> prohibited from using, copying, altering, or disclosing the contents of
> this message. Aricent accepts no responsibility for
> loss or damage arising from the use of the information transmitted by
this
> email including damage from virus."
>
>
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>


--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan

Propertarianism joined to capitalist vigor destroyed meaningful
commercial competition, but when it came to making good software,
anarchism won.
-- Eben Moglen
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users



***********************  Aricent-Unclassified   ***********************

"DISCLAIMER: This message is proprietary to Aricent  and is intended solely
for the use of
the individual to whom it is addressed. It may contain privileged or
confidential information and should not be
circulated or used for any purpose other than for what it is intended. If
you have received this message in error,
please notify the originator immediately. If you are not the intended
recipient, you are notified that you are strictly
prohibited from using, copying, altering, or disclosing the contents of
this message. Aricent accepts no responsibility for
loss or damage arising from the use of the information transmitted by this
email including damage from virus."