Thanks
Steve,
Which
dissector (working on which packet level\layer) though according to your
knowledge will be able to actually tell me that this traffic belongs to Oracle
at all?
Just to
clarify, the passive is not the prerequisite here – but the
credential-less is. So I would still not let go on Wireshark at this stage,
unless this is really futile.
Thanks,
Tal
From: Stephen
Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Thu, 21 May 2009 14:54:06
-0600
On Thu, May 21, 2009 at 02:51:39PM -0500, Beno, Tal wrote:
> I need to run Wireshark\tshark and simply identify which machines are
> running oracle and with what versions.
>
> Which dissectors can help me to accomplish and retrieve that data? Is
> that part of the current dissector's bundle?
Wireshark watches traffic going by in a passive manner. The dissectors
*might* be able to identify the version of Oracle (I don't know how well
we support it if at all). It sounds like you would be better suited to
use an active scanning tool such as Nmap.
Steve
From: Beno, Tal
Sent: Thursday, May 21, 2009 3:52
PM
To: 'wireshark-users@xxxxxxxxxxxxx'
Subject: Oracle
Hi all,
Being so new with this technology I would humbly ask for
your answer with this quick question.
I need to run Wireshark\tshark and simply identify which
machines are running oracle and with what versions.
Which dissectors can help me to accomplish and retrieve that
data? Is that part of the current dissector’s bundle?
Thanks,
Tal
