Ethereal-dev: [Ethereal-dev] Tethereal0911 pbs on http dissector ...

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: rmkml <rmkml@xxxxxxxxxx>
Date: Thu, 17 Apr 2003 16:06:38 +0200
Hi All,

I submit this tcpdump file,

on this file, I found multiple web (80/tcp) trafic sessions :

  4 07:27:27.124244 217.21.114.138 -> 217.128.40.168 HTTP Continuation
  7 07:27:47.118987 217.128.40.168 -> 217.21.114.138 HTTP Continuation
 14 07:27:48.445287 217.21.114.138 -> 217.128.40.168 HTTP Continuation
 17 07:28:08.434051 217.128.40.168 -> 217.21.114.138 HTTP Continuation
 24 07:28:09.760728 217.21.114.138 -> 217.128.40.168 HTTP CONNECT
64.157.4.84:25 HTTP/1.1
 26 07:28:09.779377 217.128.40.168 -> 217.21.114.138 HTTP HTTP/1.1 405
Method Not Allowed

but two first sessions is not clean, look apache1327 access_log :

217.21.114.138 - - [17/Apr/2003:07:27:27 +0200] "\x04\x01" 501 - "-" "-"

217.21.114.138 - - [17/Apr/2003:07:27:48 +0200] "\x05\x01" 501 - "-" "-"

217.21.114.138 - - [17/Apr/2003:07:28:09 +0200] "CONNECT 64.157.4.84:25
HTTP/1.1" 405 243 "-" "-"

and error_log :

[Thu Apr 17 07:27:27 2003] [error] [client 217.21.114.138] Invalid
method in request \x04\x01
[Thu Apr 17 07:27:48 2003] [error] [client 217.21.114.138] Invalid
method in request \x05\x01
(and not found error on Method CONNECT in apache log ...)

I don't say change http dissector ... (I am not C dev)

Thanks for any help or comments.

Regard.

Attachment: 217.21.114.138-attak.tcpdump.gz
Description: GNU Zip compressed data