Ethereal

Re: [Ethereal-users] Snooping on L2TP
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: January 2004

 


On Jan 9, 2004, at 10:33 AM, Mathew Kayalackakom wrote:

Help - I am a newbie to Ethereal and would like to decode L2TP with IPSec packets in an 802.11 header using ethereal.

Ethereal can capture on 802.11 networks on some OSes (although only with some network cards in some versions of Linux and BSD can it capture management and control frames - you want to handle IP frames, however, so that's not an issue).

Note that, on Windows, the drivers for at least some cards won't show you packets *transmitted* by the machine running Ethereal (or any other WinPcap-based application) if you're capturing in promiscuous mode. I don't know whether they capture traffic between two unrelated machines in promiscuous mode. I also don't know what cards those are.

Ethereal can dissect L2TP and IPsec (in the sense of AH and ESP), but it can't decrypt encrypted IPsec packets.

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.