Wireshark-users: [Wireshark-users] Packet reassembly problem
I hope Im posting in the right spot here.
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
Im semi-new to network traffic analysis so I appologize if I hack any terms.
I am trying to reassemble image packets downloaded from the Gnutella network. Can somebody please tell me what Im doing wrong?
On WinXP I start a capture with Wireshark(Version 0.99.0)and then download a unique image file using Phex. I do this to avoid any swarming issues. After the JPEG is completely downloaded, I stop the capture and then filter for the IP source of the host. I then view the captured packets and the checksum returns valid. This is where Im getting stuck. There should be an option somewhere to export or reassemble. There is an export option under file but that doesnt seem to work. I tried follow the TCP stream and then pasting packet data into a text editor and naming the file as a JPEG. Doesnt work
either.
I did tick the boxes for reassemble fragmented ip datagrams and allow dissector to reassemble TCP streams prior to the capture. I found little info online for packet reassembly so any help is appreciated.
Ill try to include a screen capture
Thanks
Dave
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
- Prev by Date: [Wireshark-users] Wireshark 0.99.5 is now available
- Next by Date: [Wireshark-users] help me people i am really a beguinner
- Previous by thread: [Wireshark-users] Wireshark 0.99.5 is now available
- Next by thread: [Wireshark-users] help me people i am really a beguinner
- Index(es):