2020-11-12 01:42:59 +0000 | commented answer | TShark command to decode WSMP? Yep, that was it. The version of Wireshark supplied in Ubuntu 18.04.2 is too old. Either running this on Ubuntu 20 or bu |
2020-11-12 01:40:35 +0000 | marked best answer | TShark command to decode WSMP? What is the command to have tshark decode the WSMP portion of a packet? I have a pcap file (sample available) that I can open with Wireshark. Wireshark shows the WSMP portion of the packet. (Image available showing this, but I don't have enough karma to upload it.) But when I decode the packets using tshark, it only shows "Data" for that portion of the packet. I've tried various combinations of the -d argument, but all the different combinations I've tried result in either the "unknown layer type" error or "Protocol "wsmp" isn't valid for layer type ..." for any of the layer types I've tried. So I haven't been able to find the right parameters. Any tips, pointers, suggestions, ideas would be greatly appreciated. Thanks! Ken Notes: I think it should be possible to do this, because the output from: shows: But, the following command: Produces this output: (more) |
2020-11-12 01:40:35 +0000 | received badge | ● Scholar (source) |
2020-11-11 02:18:38 +0000 | commented question | TShark command to decode WSMP? Bingo! That was it. Trying it on an Ubuntu 20.04 system worked perfect. If it's of any value to you to post that as an a |
2020-11-11 02:03:00 +0000 | commented question | TShark command to decode WSMP? Wow. Thank you (seriously) for reminding me to supply information that I should have remembered to supply in the first p |
2020-11-10 15:18:11 +0000 | asked a question | TShark command to decode WSMP? TShark command to decode WSMP? What is the command to have tshark decode the WSMP portion of a packet? I have a pcap fi |