– -和Wireshark Live Support Bot 的对话,最后凌乱了有木有。。。

  • A+
所属分类:安全博客
先请达人们解答下wireshark里面udp.proc filter是怎么用的。。。 quark回答我说和udp options里面的collect process flow information有关,但他也告诉我开了这个选项也没法用。。。也的确是这样的。。。于是就不知道怎么回事了。。。

我去wireshark live support上问,似乎是个”Expert assisted Bot”在回答,*号是我问的内容,>后面是他的回答 http://www.wireshark.org/tools/helpdesk.html
*How can I use udp.proc.srcpid filter? For example, I choose a process which is sending UDP packets, its pid is 1234, then I write udp.proc.srcpid==1234 but it shows nothing. I tried other filters of udp.proc but still nothing works. I’m confused about the usage of udp.proc filters. Thanks for your help!
> Not supported in Windows, without special drivers
* Er…I tried under Archlinux but still nothing works.
> What’s your FreeBSD version?
* Archlinux 3.0//(第一次凌乱。。。Archlinux哪有版本号这一说。。。只好先弄个3.0上去)
> …Tell me more
*Archlinux …
> …OK,you ask me “how can you use udp.proc.srcpid filter? For example, you choose a process which is sending UDP packets, its pid is 1234, then you write udp.proc.srcpid==1234 but it shows nothing. you tried other filters of udp.proc but still nothing works. You’re confused about the usage of udp.proc filters. Thanks for my help!”,tell me more
* I tried it under all platforms but nothing happens
> What speed is your frame relay connection?
* 100Mbps
> Tell me more…
* Is it something collect process flow information?
> I see.
* Is it something about collect process flow information?
> Say, do you have any psychological problems?
 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ….I bs you…
> Oh… ?

 

FROM :https://blog.flanker017.me/ | Author:Flanker

相关推荐: 域内权限维持

前置,windows域内认证机制https://payloads.online/archivers/2018-11-30/1 https://www.cnblogs.com/backlion/p/8127868.html https://www.cnblogs…

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: