Wireshark-users: Re: [Wireshark-users] Understand wireshark data
From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Sat, 15 Aug 2009 08:56:16 +1000
Deostroll,

Probably the first thing you can do is use Wireshark or tshark instead of tcpdump to capture and view your data. This will give you a better decoded view of what is going on. Secondly if you do want to understand how the Telnet or protocols work you really need to start reading some references. You could start at wikipedia or google for "tcp protocol explained". There are also some good books available at good bookstores or technical college libraries.


Regards, Martin

MartinVisser99@xxxxxxxxx


On Fri, Aug 14, 2009 at 3:50 PM, <deostroll@xxxxxxxxx> wrote:
Hi. I want to be able to understand what kind of messages I want to send from my client app to a telnet server in order to get the correct response. But I have got data like the following:

10:52:23.457030 IP vit106.allsectech.com.3568 > pds2.23: S 1116459951:1116459951(0) win 64512 <mss 1460,nop,nop,sackOK>
0x0000: 4500 0030 d7a3 4000 8006 4483 ac10 046a E..0..@...D....j
0x0010: ac10 8216 0df0 0017 428b d3af 0000 0000 ........B.......
0x0020: 7002 fc00 843b 0000 0204 05b4 0101 0402 p....;..........

Can I make sense of this and then understand what messages my app should send?

--deostroll
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe