Ask Your Question

grahamb's profile - activity

2020-08-09 11:12:16 +0000 edited answer TFTP packet size and MTU

Logically, the higher the packet size the less number of packets required to send a file. This is true when I try 128

2020-08-09 11:10:36 +0000 commented question Wireshark not displaying some request packets

wireshark\tshark version? And can you share a capture that demonstrates the issue, use a public share such as Google Dr

2020-08-08 18:57:06 +0000 commented question TFTP packet size and MTU

Use data.len as the column rather than frame.len to see the reassembled length.

2020-08-08 18:51:56 +0000 commented question wireshark: Decrypting TLS traffic

What application are you hoping to extract the pre-master secret from? Have you read the info from the wiki TLS page

2020-08-08 14:17:20 +0000 commented question TFTP packet size and MTU

Is is often the case, attempting to diagnose issues with a screenshot is difficult because important information elsewhe

2020-08-07 12:16:13 +0000 commented answer Different versions of SIP packets on local and remote site?

I have no clue about SIP and what can be modified by hops, but the SIP element has clearly been modified as the UDP payl

2020-08-07 11:52:20 +0000 commented question Is it possible to capture traffic from serial port?

What OS are you using?

2020-08-06 15:16:23 +0000 commented question Different versions of SIP packets on local and remote site?

Images can be posted on any public share and a link to it posted back here, but debugging by screenshot is very tricky a

2020-08-06 15:09:48 +0000 commented question Different versions of SIP packets on local and remote site?

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Could you make both

2020-08-06 15:09:08 +0000 commented question Different versions of SIP packets on local and remote site?

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Is it possible to s

2020-08-06 15:08:44 +0000 commented question Different versions of SIP packets on local and remote site?

To grahamb What sort of network devices are in between the local and remote site? Could they be modifying the SIP me

2020-08-06 15:08:13 +0000 commented question Different versions of SIP packets on local and remote site?

Commented: grahamb You're using a very, very old version of Wireshark (1.6.2) that's been obsolete (and therefore u

2020-08-06 12:39:44 +0000 commented question Different versions of SIP packets on local and remote site?

You're using a very, very old version of Wireshark (1.6.2) that's been obsolete (and therefore unsupported) for over 7 y

2020-08-06 12:35:02 +0000 commented question Different versions of SIP packets on local and remote site?

Sorry I couldn’t find how to reply to each and make with add a comment, is not like other forums Could you make both th

2020-08-06 09:51:18 +0000 commented question Different versions of SIP packets on local and remote site?

What sort of network devices are in between the local and remote site? Could they be modifying the SIP message?

2020-08-06 09:49:43 +0000 commented question ring buffer requested but capture isn't being saved to a permanent file

Bug 16759 created.

2020-08-06 09:48:24 +0000 edited question ring buffer requested but capture isn't being saved to a permanent file

ring buffer requested but capture isn't being saved to a permanent file I've tried below 2 cases: Ubuntu commandline:

2020-08-05 14:09:20 +0000 edited answer How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Have you unbound all protocols from the workstation NIC to make it passive? See a blog post from @Jasper here.

2020-08-05 08:53:45 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

@Eddy CMake should write errors to the CMakeFiles\CMakeError.log which might give some clues about the compiler identifi

2020-08-05 07:19:06 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

@cmaynard Great suggestion to look at the build slaves, in this case I would suggest the 3.2 set as the user is trying t

2020-08-04 19:42:58 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

Formatted for better inspection: C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\\Extensions\

2020-08-04 19:40:32 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

Path: Path=C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\\Extensions\Microsoft\IntelliCode\

2020-08-04 14:52:20 +0000 commented answer TLS RSA Key Extraction (Help/Hint Wanted)

No need, accepting the answer is what we like folks to do here and you've done that so job done.

2020-08-04 14:15:20 +0000 edited question TLS RSA Key Extraction (Help/Hint Wanted)

Key Extraction (Help/Hint Wanted) HI all, Hope you are all safe!! I need some help with an exercise I have if anyone c

2020-08-04 14:14:41 +0000 commented answer TLS RSA Key Extraction (Help/Hint Wanted)

It's an area that has changed a bit recently and so a lot of third party tutorials and examples are out of date.

2020-08-04 14:12:36 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

OK, so the CMakeLists.txt expects CMAKE_CL_64 to be TRUE, and it isn't in your case. That's set by CMake if it's using

2020-08-04 13:56:56 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

This bit of output is odd, not sure what that means: -- The C compiler identification is unknown -- The CXX compiler id

2020-08-04 13:29:28 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

More output: -- Selecting Windows SDK version 10.0.18362.0 to target Windows 10.0.19041. -- The C compiler identificat

2020-08-04 13:27:58 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

-- Selecting Windows SDK version 10.0.18362.0 to target Windows 10.0.19041. -- The C compiler identification

2020-08-04 12:17:00 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

And you should be setting QT5_BASE_DIR. Another thought, are you using a build directory that you've previously configu

2020-08-04 12:12:35 +0000 commented question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

After opening the prompt, the banner should look like this: ***********************************************************

2020-08-04 12:10:06 +0000 edited question How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32)

How to fix Cmake The PLATFORM environment variable (x64) doesn't match the generator platform (win32) Building in Window

2020-08-04 11:13:42 +0000 commented question TLS RSA Key Extraction (Help/Hint Wanted)

As you haven't mentioned it yet, the Wireshark Wiki page on TLS has info about the keying material required to decrypt a

2020-08-03 15:49:24 +0000 commented answer How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Getting outside my knowledge boundaries here, but are you terminating the ERSPAN tunnel on the PC or the core switch? A

2020-08-03 15:48:04 +0000 commented answer How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Getting outside my knowledge boundaries here, but are you terminating the ERSPAN tunnel on the PC or the core switch? A

2020-08-03 15:20:07 +0000 answered a question How to avoid ICMP "Destination Protocol Unreachable" with ERSPAN to WIndows 10

Have you unbound all protocols from the workstation NIC to make it passive? See this blog post from @Jasper here.

2020-08-03 15:20:07 +0000 received badge  Rapid Responder (source)
2020-08-03 11:17:37 +0000 answered a question 2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11'

A "Certificate Request" from the server should appear between the "Server Hello" and "Server Hello Done" messages and ca

2020-08-03 11:17:37 +0000 received badge  Rapid Responder (source)
2020-08-01 13:40:37 +0000 edited question How to get the hidden radio stream links in order to create my list of radios on Reciva.

Hi, I'd like to get the hidden radio stream links in order to create my list of radios on Reciva. Any help? I'm a newbie

2020-07-31 15:31:08 +0000 edited question ESP traffic seen in clear with NULL encryption algorithm only if authentication is SHA1, not SHA256

ESP traffic seen in clear with NULL encryption algorithm only if authentication is SHA1, not SHA25. Why ?6 hi, with encr

2020-07-31 14:40:18 +0000 edited question ESP traffic seen in clear with NULL encryption algorithm only if authentication is SHA1, not SHA256

traffic seen clear with NULL encryption algorithm only if authentication is SHA1, not SHA25. Why ?6 hi, with encryption-

2020-07-31 09:36:18 +0000 commented question TLS record layer and Handshake protocol

@technologyevangelist, we don't generally close questions here, instead if an answer has answered your question, please

2020-07-31 08:33:57 +0000 commented answer TLS record layer and Handshake protocol

If an answer has answered your question, please accept it for the benefit of others with the same question by clicking t

2020-07-31 08:17:58 +0000 commented answer TLS record layer and Handshake protocol

Think of all the billions of older IoT type devices and home routers etc. that know nothing about TLS 1.3. the earlier

2020-07-31 08:16:13 +0000 commented answer TLS record layer and Handshake protocol

Think of all the billions of older IoT type devices and home routers etc. that know nothing about TLS 1.3. the earlier

2020-07-31 07:43:27 +0000 commented answer TLS record layer and Handshake protocol

Wireshark is setting the protocol as TLS 1.3 because that version is supported by the client. As you imply, the server

2020-07-30 19:33:02 +0000 commented question I need to learn how to read and understand a wireshark packet capture output.

Not really a question that can be answered here. Google is your friend, there are tons of Wireshark resources out there

2020-07-30 19:26:08 +0000 received badge  Rapid Responder (source)
2020-07-30 19:26:08 +0000 answered a question TLS record layer and Handshake protocol

See the TLS 1.3 RFC 8446, section 4.2.1 where the SupportedVersions extension is discussed. For TLS 1.3, if the Suppor