Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

asked 2019-11-20 15:17:23 +0000

VadimZakharine gravatar image

Recovering corrupt packet captures

Hi,

as I've been porting to Python and publishing my earlier work related to recovering IPv4 packets from binary files, I started wondering about the subject of recivering corrupt packet capture files. Not just the last packet captured in the file truncated, but conditions when Wireshark hit a format error and stops processing the capture file well before its end. Any interest from the community? In my own experience I had a few critical problems where the capture file was corrupt and no backup copies were available, so I wrote a couple utilities for recovering the files. Still, maybe it was just my luck?

TIA Vadim

Recovering corrupt packet captures

Hi,

as I've been porting to Python and publishing my earlier work related to recovering IPv4 packets from binary files, I started wondering about the subject of recivering recovering corrupt packet capture files. Not just the last packet captured in the file truncated, but conditions when Wireshark hit a format error and stops processing the capture file well before its end. Any interest from the community? In my own experience I had a few critical problems where the capture file was corrupt and no backup copies were available, so I wrote a couple utilities for recovering the files. Still, maybe it was just my luck?

TIA The example with my script for recovering IPv4 is at https://www.linkedin.com/pulse/detecting-ipv4-packets-dumps-vadim-zakharine/

TIA
Vadim

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2