Graeme Lunt


I have been working on Wireshark since mid 2005, initially working on the dissectors that interested me, but then diversifying into other areas of Wireshark.

The dissectors I developed are primarily for the OSI X.400 Messaging Services and X.500 Directory Services, including the lower layers of the stack. I've also worked on the IETF equivalents: SMTP, LDAP.

So far I have added dissectors for:

This has involved forays into the existing dissectors:

I've even tried to understand how asn2wrs (on which most of my new dissectors rely) does its magic!

I have introduced a new file type that allows Wireshark to read a raw ASN.1 BER-encoded file, for example a PKCS#12 file. All of Wireshark's powerful ASN.1 dissection routines can then be brought to bear on these files, which may not normally be sent over the wire. The "Decode As" feature has been updated to recognise ASN.1 files and offer dissection in accordance with common ASN.1 definitions.

I have developed the U3Packaging for Wireshark that allows you to run Wireshark from a USB stick, as well as a WiresharkPortable version of Wireshark that runs under the PortableApps framework.

Current things I am working on are:

I am [still] looking at mechanisms that will allow the user to associate a known BER syntax with a given OID - either from a configuration file, parsing of ASN.1 modules, SNMP MIBs etc., or some other mechanism.

If there is some messaging/directory feature you would like to see in Wireshark, send it to the development list and I'll try and help out.

For other information see

Email: <graeme.lunt AT SPAMFREE smhs DOT co DOT uk>


GraemeLunt (last edited 2008-04-12 17:51:45 by localhost)