Differences between revisions 1 and 2
Revision 1 as of 2005-04-02 12:14:03
Size: 1647
Editor: UlfLamping
Comment: first content
Revision 2 as of 2006-06-05 03:19:19
Size: 1652
Editor: localhost
Comment:
Deletions are marked like this. Additions are marked like this.
Line 16: Line 16:
XXX - Add example traffic here (as plain text or Ethereal screenshot). XXX - Add example traffic here (as plain text or Wireshark screenshot).
Line 18: Line 18:
== Ethereal == == Wireshark ==
Line 20: Line 20:
The MSNMS dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Ethereal features where appropriate, like special statistics of this protocol. The MSNMS dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.
Line 28: Line 28:
XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below). Keep this file short, it's also a good idea to gzip it to make it even smaller, as Ethereal can open gzipped files automatically. XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below). Keep this file short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.
Line 33: Line 33:
A complete list of MSNMS display filter fields can be found in the [http://www.ethereal.com/docs/dfref/m/msnms.html display filter reference] A complete list of MSNMS display filter fields can be found in the [http://www.wireshark.org/docs/dfref/m/msnms.html display filter reference]

MSN Messenger Service (MSNMS)

XXX - add a brief MSNMS description here

History

XXX - add a brief description of MSNMS history

Protocol dependencies

  • ["TCP"]: Typically, MSNMS uses ["TCP"] as its transport protocol. The default TCP port for MSNMS traffic is 1863.

Example traffic

XXX - Add example traffic here (as plain text or Wireshark screenshot).

Wireshark

The MSNMS dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.

Preference Settings

(XXX add links to preference settings affecting how MSNMS is dissected).

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below). Keep this file short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.

  • attachment:SampleCaptures/msnms.pcap

Display Filter

A complete list of MSNMS display filter fields can be found in the [http://www.wireshark.org/docs/dfref/m/msnms.html display filter reference]

  • Show only the MSNMS based traffic:

     msnms 

Capture Filter

You cannot directly filter MSNMS protocols while capturing. However, if you know the ["TCP"] port used (see above), you can filter on that one.

  • Capture only the MSNMS traffic over the default port (1863):

     tcp port 1863 

Discussion

MSNMS (last edited 2008-09-12 02:43:00 by GuyHarris)