2023-12-17 02:34:56 +0000 | received badge | ● Notable Question (source) |
2023-12-17 02:34:56 +0000 | received badge | ● Popular Question (source) |
2021-11-12 09:50:51 +0000 | received badge | ● Popular Question (source) |
2021-07-02 05:36:51 +0000 | commented answer | Dumpcap/tshark hint on how to use -b filter ok, I think this is the only way. It would be nice to have such "splitting" feature as sniffing filter for tshark. Do yo |
2021-07-01 11:28:53 +0000 | marked best answer | Dumpcap/tshark hint on how to use -b filter Hi, reading dumpcap documentation https://www.wireshark.org/docs/man-pa... I got interested in the buffer ring filter packet => "packets:value switch to the next file after it contains value packets.". Do you have any examples or hints on how to use it? Can I write pcap according to packets flags or header information? Thank you in advance |
2021-07-01 11:17:39 +0000 | received badge | ● Commentator |
2021-07-01 11:17:39 +0000 | commented answer | Dumpcap/tshark hint on how to use -b filter Thank you for the answer! Do you have any hint on how to manage a pacp according to packet content. My problem is mainly |
2021-07-01 11:08:58 +0000 | asked a question | Dumpcap/tshark hint on how to use -b filter Dumpcap/tshark hint on how to use -b filter Hi, reading dumpcap documentation https://www.wireshark.org/docs/man-pages |
2021-06-07 07:27:15 +0000 | received badge | ● Popular Question (source) |
2021-03-24 21:08:34 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 21:07:51 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 21:06:48 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 21:06:37 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 21:04:29 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 21:04:22 +0000 | edited question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark commands into a python script to automatize net snif |
2021-03-24 15:01:18 +0000 | asked a question | Track back exported objects to pcap file Track back exported objects to pcap file I'm currently using Tshark command "tashark -f mypcap --export-objects dicom, m |
2021-03-24 14:38:51 +0000 | received badge | ● Popular Question (source) |
2020-08-17 07:23:36 +0000 | marked best answer | dicom object extraction: discrepancy between tshark and wireshark I noticed that if I extract dicom objects from a pcap file the result is different if Wireshark or Tshark is used. For Wireshark three dicom are extracted for each reassembled ID while for Tshark just one. For example, if I have a CT Image Storage Fragment (reassembled in #3721) with Wireshark I will have three files with #3721 while in Tshark just one. Can someone explain to me how come does it happen? |
2020-08-12 09:14:46 +0000 | commented question | dicom object extraction: discrepancy between tshark and wireshark https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16771 |
2020-08-11 10:22:32 +0000 | commented question | dicom object extraction: discrepancy between tshark and wireshark I can confirm that wireshark and tshark version 2.6 both give the same result without file repetition. |
2020-08-11 07:56:14 +0000 | commented question | dicom object extraction: discrepancy between tshark and wireshark ops....you are right, I'm using two different versions of tshark(2.6) and wirteshark(3.2). I can repeat the test with Wi |
2020-08-10 17:10:38 +0000 | asked a question | dicom object extraction: discrepancy between tshark and wireshark dicom object extraction: discrepancy between tshark and wireshark I noticed that if I extract dicom objects from a pcap |
2020-07-27 09:44:00 +0000 | marked best answer | tshark with --export-dicom gives “Segmentation fault (core dumped)” My problem is described in this stack overflow question https://stackoverflow.com/questions/6.... Is this a known bug? I would like to provide you the stack trace with gdb but I'm having trouble getting the binary, maybe you can guide me through this process. Add output of thsark -v ON THE HOST: ON CONTAINER: |
2020-07-27 09:43:37 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” Sure, my intention is also to report this as Bug (just need to find some time). I wanted to thank you just for the fast |
2020-07-27 09:42:15 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” Sure, my intention is also to report this as Bug (just need to find some time). I wanted to thank you just for the fast |
2020-07-22 11:38:49 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” I confirm that the problem is only with version 3.2, when I switch to version 2.6 and ubuntu 18.4 I don't have this bug |
2020-07-22 11:38:04 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” I confirm that the problem is only with version 3.2, when I switch to version 2.6 I don't have this bug anymore. Thanks |
2020-07-20 16:48:55 +0000 | edited question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-20 16:48:42 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” Running with -V I could see that tshark crashes exactly on dicom packet (segment). The output with -v you can find in t |
2020-07-20 16:46:58 +0000 | edited question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-20 16:46:38 +0000 | edited question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-20 16:46:08 +0000 | commented question | tshark with --export-dicom gives “Segmentation fault (core dumped)” Running with -V I could see that tshark crashes exactly on dicom packet (segment). The output with -v you can find in t |
2020-07-20 16:46:01 +0000 | edited question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-19 10:45:41 +0000 | edited question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-19 10:33:33 +0000 | asked a question | tshark with --export-dicom gives “Segmentation fault (core dumped)” tshark run in a docker container gives “Segmentation fault (core dumped)” My problem is described in this stack overflow |
2020-07-15 12:00:01 +0000 | commented question | Can't export dicom objects although present in pcap I discovered that Dicom packets were corrupted, there fore it was not possible to extract DICOM object. I think it is po |
2020-07-10 13:01:27 +0000 | asked a question | Can't export dicom objects although present in pcap Can't export dicom objects although present in pcap I want to export a dicom object from pcap file, I can see with packe |
2020-04-18 13:27:08 +0000 | marked best answer | Tshark export object with IPs While exporting objects with Tshark there is the possibility to ask for the IPs involved? I need to recover the information about IP sender and IP receiver of the file |
2020-04-16 11:45:38 +0000 | commented question | Tshark export object with IPs I'm exporting dicom objects. Tshark version is 3.2.2 |
2020-04-16 11:39:42 +0000 | asked a question | Tshark export object with IPs Tshark export object with IPs While exporting objects with Tshark there is the possibility to ask for the IPs involved? |
2020-03-27 09:54:31 +0000 | commented answer | How can I extract the DICOM headers of files from a capture of traffic? Hi! Thanks, the export is working, but the file is kind of corrupt, I can't open it. Is it normal that on export I only |
2020-03-27 09:54:07 +0000 | commented answer | How can I extract the DICOM headers of files from a capture of traffic? Hi! Thanks, the export is working, but the file is kind of corrupt, I can't open it. Is it normal that on export I only |
2020-03-27 09:05:07 +0000 | marked best answer | How can I extract the DICOM headers of files from a capture of traffic? I have pcap files with DICOM protocols, is it possible to read the content of the packet and extract the DICOM header of the file sent in the network? What I don't understand is if I can recover the file content from the packed information. Is this information stored in the packet bytes pane? |
2020-03-27 09:05:07 +0000 | received badge | ● Scholar (source) |
2020-03-26 18:27:59 +0000 | asked a question | How can I extract the DICOM headers of files from a capture of traffic? DICOM headers I have pcap files with DICOM protocols, is it possible to read the content of the packet and extract the D |