Is there such thing as decoding a wireshark pcap file. Is decoding a pcap file the same as transforming a wireshark pcap file to a windows txt file?

asked 17 Apr '12, 22:21

misteryuku's gravatar image

misteryuku
5242629
accept rate: 0%


No. See my answer to your other very similar question here

link

answered 17 Apr '12, 23:54

grahamb's gravatar image

grahamb ♦
7.8k224111
accept rate: 18%

That depends on what you mean by "decoding". It's "decoding" in the sense that it makes a human-readable file. It may or may not be a good format for a program - such as, oh, let's pick a hypothetical example, Splunk - to read; that would depend on the program.

If you want to know whether it would be something that Splunk could usefully process, you might try asking on the Splunk Q&A site rather than asking here on the Wireshark Q&A site.

link

answered 18 Apr '12, 11:29

Guy%20Harris's gravatar image

Guy Harris ♦♦
11.0k226140
accept rate: 17%

And if you mean decrypting, as in SSL or TLS encrypted traffic for HTTPS or some other protocol, then ask that question too.

link

answered 18 Apr '12, 16:06

inetdog's gravatar image

inetdog
16717
accept rate: 14%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×102
×8
×8

Asked: 17 Apr '12, 22:21

Seen: 3,167 times

Last updated: 18 Apr '12, 16:06

powered by OSQA