General Inter-ORB Protocol (GIOP)

GIOP is the protocol typically used by CORBA. See links below for more information.

History

TODO.

Protocol dependencies

• TCP: Typically, GIOP uses TCP as its transport protocol. GIOP can be identified by its four byte magic string at the beginning of every PDU: "GIOP" in ASCII encoding.

Example traffic

TODO.

Wireshark

The GIOP dissector is fully functional. Certain CORBA interfaces can be dissected by Wireshark out of the box: CosEvents, CosNaming, Parlay, TANGO. These dissectors are generated by a Python script idl2eth and IDL files.

Preference Settings

- Reassemble GIOP messages spanning multiple TCP segments: Switched on by default and you typically want this.

- Stringified IOR file name: If you have the interoperable object reference(s) of the observed object(s) communicating, you can put them in a file, one per line. Stringified IORs start with the letters "IOR:" and coninue with typically a few hundred hex characters [o-0a-fA-F] in ASCII encoding. See http://www.omg.org/gettingstarted/orb_details.htm for more information.

Example capture file

TODO.

Display Filter

A complete list of GIOP display filter fields can be found in the display filter reference

Show only the GIOP based traffic:  giop 

Capture Filter

You cannot directly filter GIOP protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one.

External links

• http://www.omg.org/docs/formal/04-03-12.pdf - The protocol standard.

• http://en.wikipedia.org/wiki/GIOP - Wikipedia article about GIOP

Discussion

TODO.

Imported from https://wiki.wireshark.org/GIOP on 2020-08-11 23:14:17 UTC