Ethereal-users: RE: [Ethereal-users] Quick Question for you.
> > Is there a way to capture data using tethereal with Network
> associates
> > Windows Based 2.00x format?
>
> Presumably you ultimately mean "is there any way to *write* capture
> files that can be read by Sniffers?"
Yes. Particularly I want to write a file with tethereal that will
be readable with NAI's Sniffer Pro 4.0+ . Ethereal can read Sniffer
Pro's format, so I thought there might be a sneaky way to also write it.
> If the files it currently writes aren't readable by Sniffers, the only
> way to do so would be to debug the current code into working.
>
> This would require somebody who has Sniffers to spend time with the
> code, comparing files that work with the files written by
> Ethereal, and
> trying various things until they get something that the Sniffers *can*
> read.
Well, the current version of ethereal can read the Sniffer Pro
format (which seams to be netxray in disguise), so I was thinking that
if there was already a way to read it there must be some way to write it,
but as you have pointed out this may not be the case at all.
> If there is any *complete* documentation on the file formats
> (sufficient
> to allow the files to be written; some Sniffers had some documentation
> on the file format, but it didn't describe the format of all the
> records, and that wasn't even enough to allow us to write all the code
> to *read* those files - we had to do some stuff by experimentation),
> that would help.
I don't think there was ever any documentation written ;) Its
amazing
what the ethereal people have accomplished.
> NOTE: I don't have any Sniffers handy, so I can't be that
> somebody (not
> that I have the time to work on that in any case).
Thanks for the prompt reply.
