There is another issue related to these block types.
Fulvio's proposal:
a shb (even corrupted by the ftp transfer) can begin with the following
strings:
\r\n\r\x1A -> 1 reserved block type
\r\n\n\r-> 1 reserved block type
\n\r\x1a\?? -> 256 reserved block types
\x1a\r\n\r -> 1 reserver block
On Jul 30, 2004, at 10:14 AM, Greg Weiss wrote:
Is there a way to command-line filter tcpdump so that only packets with
bad TCP checksums are dumped?
No.
The BPF filtering mechanism can't handle it, as there's no way for it
to compute a checksum, and the filtering mechanism is BPF-based.
A separa
Question:
--
Is there a way to command-line filter tcpdump so that only packets with
bad TCP checksums are dumped? (I rtfm'd but couldn't find it, but it
seemed useful/simple enough that I might be missing something. Hence
I'm asking here.)
Background:
--
I've be
I would like to point out advatanges / disadvatanges of the
two proposals:
Fulvio's proposal:
+ byte order and correct ascii transfer are checked with a
single string
- there is the possibility not to detect faulty ftp trasfers
(in case of ftp trasfers from Unix to Win, the last byte is
'?'.
