How do I decode a UDP encapsulated FTP packet ?
As title, I captured a FTP packet which is encapsulated by a UDP header, how do I decode it ? My version is 3.4.2 thanks!
As title, I captured a FTP packet which is encapsulated by a UDP header, how do I decode it ? My version is 3.4.2 thanks!
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2021-02-09 07:40:29 +0000
Seen: 310 times
Last updated: Feb 09 '21
Are these UFTP packets?
Are these TFTP packets?
No, these are traditional FTP packets. In version 3.4.2, I have no idea to decode them, but in old version(1.x), it’s easy to decode them just click & apply,!
What kind of encapsulation is used to encapsulate the TCP-FTP packets in UDP packets (assuming you mean FTP-over-TCP when you say "traditional FTP packets"). Can you share an exaple capture?
link text
I share my capture as above,this is what the packet looks like
The UDP payload does not resemble something the FTP protocol would produce. Was the payload anonimized?
Regarding encapsulations, if the same layers are present in the anonimized packet as in the original packet, then there seems to be no encapsulation.
I have no idea how to dissect this packet, also Wireshark 1.12 does not seem to dissect this packet futher than just UDP.