william at hae.com
Thu Oct 8 22:59:12 GMT 1998
Has anyone written an addon to tcpdump, or any UNIX based sniffing utility
that can decypher DCE/RPC?
William Stuart (william at hae.com)
"Don't rush me sonny. You rush a miracle man you get rotten miracles."
--Miracle Max, "The Princess Bride"
On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote:
> Date: Fri, 9 Oct 1998 07:56:44 +1000
> From: Luke Kenneth Casson Leighton <lkcl at switchboard.net>
> To: Multiple recipients of list <samba-ntdom at samba.anu.edu.au>
> Subject: Re: rpcclient
> tcpdump traces are difficult to follow: they don't decode dce/rpc packets.
> the other guy looking at this sent me a log.smb file which allowed me to
> deduce that smbd is terminating when it receives an LsaOpenPolicy query.
More information about the samba-ntdom