On 11/18/24 9:08 AM, Michael Richardson wrote:
The message about the spam was in fact spam.
But, it forged a valid From: so it got through.
I'd like to fix the SPF/DKIM/spam-filter such that it more aggressively kills
this kind of forgery, assuming that wireshark.org has the right policies set.
Hi,
The Wireshark tcpdump mirror (http://tcpdump.mirror.wireshark.org) is moving to
a new host. The new addresses are:
198.199.88.104
2604:a880:400:d0::2221:3001
I'll keep the old host up and running for the next week or so.
___
tcpdump-workers mailin
On 3/15/14 2:56 PM, François-Xavier Le Bail wrote:
>> From: Guy Harris
>
>> On Mar 15, 2014, at 12:02 PM, Michael Richardson wrote:
>>
>>> I guess that this means that we also now have testing against bigendian
>>> systems. thank you wireshark guys!
>>
>> As long as it's doing "make check" fo
Steve McCanne spoke about the origins and architecture of libpcap and
BPF at Sharkfest this year. The presentation and video are now online at
http://sharkfest.wireshark.org/sharkfest.11/
under the "Keynote Video and Presentation" section.
-
This is the tcpdump-workers list.
Visit https://cod.s
On 6/1/11 8:10 AM, Mark Johnston wrote:
> Hi Darren,
>
> On Tue, May 31, 2011 at 03:53:22PM -0700, Darren Reed wrote:
>
>> You might be better off spending some time working
>> on additions to editcap that include concatenating
>> two or more pcap files.
>
> Shouldn't a function that manipulates
On 4/28/11 6:51 AM, Andrej van der Zee wrote:
> Is there any documentation on how libpcap/tcpdump/BPF deal with VLAN
> tags? Its still a bit of a mystery to me...
Does this help?
https://blog.wireshark.org/2009/10/capture-filters-and-offsets/
--
Join us for Sharkfest ’11! · Wireshark® Developer
Phil Vandry wrote:
> On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum wrote:
>> Yes, it is possible (on Linux, anyway), but not extremely easy. You can
>> correlate packet data to the kernel's network connection table and network
>> connections to inode values by reading "/proc/net/tcp*" and
>
>
amnon cohen wrote:
> Hi,
> Is there anyway to capture packets without being root on Linux.
> The docs imply that we running with CAP_NET_RAW will do the trick.
> Has anyone managed to get this to work?
> I got stuck when trying to add CAP_NET_RAW to the executable
>
>
> # setcap cap_net_raw my_sn
Guy Harris wrote:
> On Jan 10, 2010, at 12:06 PM, Michael Richardson wrote:
>
>> I was supposed to setup a master/manager program (it was in python, I
>> think), that will farm out builds for various platforms to a volunteer
>> pool. I've forgotten the name of this system, but it was the same on
Michael Richardson wrote:
>> "Michael" == Michael Richardson writes:
> Michael> The data transfer of the bpf.tcpdump.org is still underway,
> Michael> and should complete by morning EST.
>
> cvs.tcpdump.org, bpf.tcpdump.org and www.tcpdump.org are online again.
>
> It seems that the
Phil Vandry wrote:
> Hello tcpdump-workers,
>
> I noticed that there does not seem to be any MIME type defined for
> libpcap-format packet capture files according to the list of types
> maintained by IANA:
>
> http://www.iana.org/assignments/media-types/
>
> I couldn't find any well-known but un
Under Linux you can use POSIX capabilities to capture as non-root.
CAP_NET_RAW lets you capture, and CAP_NET_ADMIN lets you use promiscuous
mode.
Damien ANCELIN wrote:
> To give you more informations :
> - "metrology platform" will be a computer that can be used by many users
> to capture packets
Harley Stenzel wrote:
> Looking forward, however, it would be helpful if the libpcap file
> format provided a way to tag the source of the captured packet, so
> that merged files do not loose information.
NTAR supports this:
http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html#sectionpb
-
Guy Harris wrote:
> It doesn't appear to have gotten attached.
Weird. It works fine when I send it to my gmail account. Do
attachments get stripped at the lists.tcpdump.org end?
> OK, got it. I've checked in a fix for the underlying problem, and
> audited the calls to "print_unknown_data()" a
Guy Harris wrote:
> Gerald Combs wrote:
>> - A capture file that triggers the bug in the current daily build.
>
>
> That wasn't attached. Do you either have the capture, or a stack trace?
> I'm curious whether the problem is that it's being handed a
#
# $Id$
# Fuzz testing script for tcpdump
#
# By Gerald Combs <[EMAIL PROTECTED]> and Ulf Lamping <[EMAIL PROTECTED]>
#
# This script uses Ethereal's Editcap utility to add random errors
# ("fuzz") to a set of capture files specified on the command line.
# It runs tcpdu
16 matches
Mail list logo
