[OT] RE: tracing port to port

2009-03-18 Thread Peter Crowther
> From: André Warnier [mailto:a...@ice-sa.com] > I think I'll have to refresh my TCP knowledge base, to see if there is > any byte somewhere in a TCP header specifying the internet protocol. > But I don't think so. Sort of :-). The nearest you get is the four bytes specifying the source and dest

RE: tracing port to port

2009-03-18 Thread Caldarale, Charles R
> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: tracing port to port > > how does Wireshark figure out if the contents of a packet > are HTTP or not ? It must be either "heuristic" by sniffing > the content, or else just by the port in use ?

Re: tracing port to port

2009-03-18 Thread André Warnier
Gregor Schneider wrote: If I understand André correctly, he wants to find out the encoding dirung the communication between servlet & java-demon - I doubt that this goes as HTTP over the wire. True. It's not HTTP. In fact it is .. well .. nothing, apart from TCP. The servlet just opens a socke

Re: tracing port to port

2009-03-18 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gregor, On 3/18/2009 11:08 AM, Gregor Schneider wrote: > On Wed, Mar 18, 2009 at 3:47 PM, Christopher Schultz > wrote: >> >> Wireshark does full TCP capture but also "understands" protocols, so it >> will show you only the HTTP details for a particul

Re: tracing port to port

2009-03-18 Thread Gregor Schneider
On Wed, Mar 18, 2009 at 3:47 PM, Christopher Schultz wrote: > > Wireshark does full TCP capture but also "understands" protocols, so it > will show you only the HTTP details for a particular packet, etc. > But will this help to find out the characterset of encoded string in an RMI-object? If I un

Re: tracing port to port

2009-03-18 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 André, On 3/17/2009 8:02 PM, Filip Hanik - Dev Lists wrote: > wireshark.org +1 Wireshark does full TCP capture but also "understands" protocols, so it will show you only the HTTP details for a particular packet, etc. - -chris -BEGIN PGP SIGNATU

Re: tracing port to port

2009-03-18 Thread Gregor Schneider
André, two questions: what type of conenction is the servlet using? Is it RMI, Socket, something else? If you're not happy with Wireshark, there might be an approach which takes a bit more effort but might work in case the Java-classes are not obfuscated: Talking RMI: - try to decompile the Ja

Re: tracing port to port

2009-03-18 Thread André Warnier
Filip Hanik - Dev Lists wrote: wireshark.org Thanks. I had seen that name several times, but it is only yesterday that someone told me that this was the new name for Ethereal. - To unsubscribe, e-mail: users-unsubscr...@tomc

Re: tracing port to port

2009-03-17 Thread Filip Hanik - Dev Lists
wireshark.org André Warnier wrote: Hi. I know this is only tenuously Tomcat-related, and apologise in advance. I'll be content with one-liners. I have to trace the byte data that circulates back and forth between a Tomcat servlet (the tenuous connection) and a separate Java daemon to which

tracing port to port

2009-03-17 Thread André Warnier
Hi. I know this is only tenuously Tomcat-related, and apologise in advance. I'll be content with one-liners. I have to trace the byte data that circulates back and forth between a Tomcat servlet (the tenuous connection) and a separate Java daemon to which the servlet establishes this connectio