Wireshark mailing list archives
Re: Decode as different protocol
From: Anders Broman <anders.broman () ericsson com>
Date: Tue, 24 Jan 2012 17:12:36 +0100
Hi, You could try to dissble the VNC dissector. analyse->enabled protocols. Reagrds Anders ________________________________ From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Manolis Katsidoniotis Sent: den 24 januari 2012 17:05 To: Community support list for Wireshark Subject: Re: [Wireshark-users] Decode as different protocol Hello Abhik It looks like my version is somewhat old (I can't replace it) and I'm getting the attached error. Any other ideas? thanks Manolis On Tue, Jan 24, 2012 at 5:52 PM, Abhik Sarkar <sarkar.abhik () gmail com<mailto:sarkar.abhik () gmail com>> wrote: Hi Manolis Edit > Preferences > Protocols > SIP > SIP TCP Ports You can add 5500 in a comma separated list there. HTH Abhik On Tue, Jan 24, 2012 at 7:33 PM, Manolis Katsidoniotis <manoska () gmail com<mailto:manoska () gmail com>> wrote: Hello all In the attached snapshot, frame 2767 is a sip packet sent via TCP to destination port 5500. I'm assuming that because of the port number, wireshark assumes that it is a vnc frame (Virtual Network Computing). I change this by selecting the packet and using the "Decode As" option. However this needs to be done every time I open wireshark. Does anyone happen to be aware of doing this permanent (i.e. modifying some start-up file)? Thanks in advance Manolis ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org<mailto:wireshark-users () wireshark org>> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org<mailto:wireshark-users-request () wireshark org>?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org<mailto:wireshark-users () wireshark org>> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org<mailto:wireshark-users-request () wireshark org>?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Decode as different protocol Manolis Katsidoniotis (Jan 24)
- Re: Decode as different protocol Abhik Sarkar (Jan 24)
- Re: Decode as different protocol Manolis Katsidoniotis (Jan 24)
- Re: Decode as different protocol Anders Broman (Jan 24)
- Re: Decode as different protocol Manolis Katsidoniotis (Jan 24)
- Re: Decode as different protocol Chris Maynard (Jan 24)
- Re: Decode as different protocol Abhik Sarkar (Jan 24)