Ask Your Question
0

PCAP Interpretation

asked 2023-11-15 19:29:01 +0000

Nitin gravatar image

Hello,

I have a PCAP file, when opened using Wireshark it shows (in info) column a particular packet is for "Attach Request" and the other one for "Attach Accept". I exported this file in Json and trying to visually figure out which element gives this information to wireshark. I was unable to find it. Hence, my question, on what basis Wireshark gives a very useful information about the packet in "info" column, Which section of packet provides this information?

I need to do this as I am reading PCAP in java and intend to interpret this information for validation. Can you help please?

Thanks Nitin

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2023-11-15 19:46:50 +0000

Guy Harris gravatar image

Which section of packet provides this information?

That depends on the protocol.

I need to do this as I am reading PCAP in java and intend to interpret this information for validation.

You should find a specification for the protocol that includes those attach requests and responses, and read that.

edit flag offensive delete link more

Comments

Thank you . I am new to the PCAP and protocols. Essentially I am trying to design a PCAP analyser for my specific needs. I see in wreshark there is an info coloumn, that gives information about "Attach Reqest/Response" etc. I created Json of the same file and was trying to figure out from Json which one translates to "Attach Request" , could not make out. May be answer lies in your response, I need to understand protocols better.

Nitin gravatar imageNitin ( 2023-11-17 11:41:25 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2023-11-15 19:29:01 +0000

Seen: 201 times

Last updated: Nov 15 '23