Ask Your Question
0

Text part of the hex dump pane isn't showing the packet bytes as ASCII characters

asked 2019-08-01 20:46:05 +0000

Cougar gravatar image

updated 2019-08-02 19:06:26 +0000

Guy Harris gravatar image

I have 2 computers, main ones' OS is windows 10, 2nd one Ubuntu.

My windows 10 uses WireShark V1.2.4 .

Ubuntu uses V2.6.8 .

When capturing packets between computers I noticed the V1.2.4 is showing UDP and TCP Streams in the packet.

But I am not seeing the UDP or TCP Stream in the V2.6.8.

I can go to "Analyze > Follow >", and follow them.

However, I would like to see that data in the packets just like the V1.2.4 shows it.

Question: How do set packet capture to enable UDP and TCP Streams in V2.6.8?

Version 2.6.8 (Git v2.6.8 packaged as 2.6.8-1~ubuntu18.04.0)

Version 1.2.4 (SVN Rev 30978)< Windows 10.

edit retag flag offensive close merge delete

Comments

Are you sharing the same capture, or are you capturing on the 2 different systems and seeing different results?

You should upgrade the version on the Win 10 system. 1.2.4 was EOL'd Jun 30 2011 and there is no support whatsoever for it.

grahamb gravatar imagegrahamb ( 2019-08-01 20:59:26 +0000 )edit

The 1.2.4 is fine for now.

"capturing on the 2 different systems and seeing different results?"< Yes!

Version 2.6.8 is not showing UDP or TCP streams in packets.

Version 1.2.4 shows those steams in packets.

The "Version 2.6.8 (Git v2.6.8 packaged as 2.6.8-1~ubuntu18.04.0)" is the issue.

The packets are missing the UDP & TCP Streams in the capture.

The readable ASCII text is not there in V2.6.8.

Cougar gravatar imageCougar ( 2019-08-01 21:17:36 +0000 )edit

Version 2.6.8 is not showing UDP or TCP streams in packets.

What do you mean by "in packets"? Analyze > Follow displays the streams in a separate window. You say "I can go to "Analyze > Follow >", and follow them." - does that mean that the separate window does pop up in 2.6.8?

Are you referring to the ASCII text that appears to the right of the hex dump in the "hex dump" pane?

Guy Harris gravatar imageGuy Harris ( 2019-08-02 04:31:11 +0000 )edit

does that mean that the separate window does pop up in 2.6.8?

yes! and the readable ascii text is there. Works in 1.2.4 version too.

Are you referring to the ASCII text that appears to the right of the hex dump in the "hex dump" pane? < Yes!

https://ibb.co/DD2VMRF ,V1.2.4 Windows 10. ASCII text in packet.

https://ibb.co/bdBN8Tg ,V2.6.8 Ubuntu. No ASCII text in packet.

I hope these pic help understand my question.

That is the same UDP/data in packet in both pics, V1.2.4 win10 shows text in packet, V2.6.8 Ubuntu does not.

Cougar gravatar imageCougar ( 2019-08-02 05:12:12 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2019-08-02 15:19:25 +0000

grahamb gravatar image

I think you have changed the display to show text encoded as EBCDIC.

Right click the text area in the Ubuntu version, and select "...as ASCII".

edit flag offensive delete link more

Comments

Thank you! Thank you! Thankyou! Never did ever think to right click that pane! I am disappointed in myself for not finding that! I now have text in packet!

Cougar gravatar imageCougar ( 2019-08-02 18:29:57 +0000 )edit

Please check the checkmark for this answer, to indicate that it correctly answered your question. (That's the way you indicate that a question has been answered.)

Guy Harris gravatar imageGuy Harris ( 2019-08-02 19:07:13 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-08-01 20:46:05 +0000

Seen: 3,269 times

Last updated: Aug 02 '19