[Windump] content of capture file
Gianluca Varenni
gianluca.varenni at cacetech.com
Thu Oct 28 09:29:28 PDT 2010
--------------------------------------------------
From: "Arto Inkala" <inkala at eia.fi>
Sent: Wednesday, October 27, 2010 11:09 PM
To: <windump at winpcap.org>
Subject: [Windump] content of capture file
> Hello,
>
> I have used the following command with linux: tcpdump -w capture src port
> 80
> and after browsing I will get readable html in the capture file.
>
> However, if I use windump in windows 7, with the same parameters the
> output of the capture file is mostly unreadable binary. What will cause
> this and should I use some extra parameters with windump?
windump and tcpdump share the same parameters and the output is the same. A
file created with tcpdump/windump -w <filename> is a binary file containing
the *packets* that were flowing on the network. HTTP is sent in clear text,
so you will happen to see the "readable" text in the capture file (together
with binary data corresponding with the various packet headers).
Let me know if this helps
Have a nice day
GV
>
> Regards,
> Arto
> _______________________________________________
> Windump mailing list
> Windump at winpcap.org
> https://www.winpcap.org/mailman/listinfo/windump
More information about the Windump
mailing list