William Stuart william at hae.com
Thu Oct 8 22:59:12 GMT 1998

Has anyone written an addon to tcpdump, or any UNIX based sniffing utility
that can decypher DCE/RPC?

William Stuart  (william at hae.com)
"Don't rush me sonny.  You rush a miracle man you get rotten miracles."
                     --Miracle Max, "The Princess Bride"

On Fri, 9 Oct 1998, Luke Kenneth Casson Leighton wrote:

> Date: Fri, 9 Oct 1998 07:56:44 +1000
> From: Luke Kenneth Casson Leighton <lkcl at switchboard.net>
> To: Multiple recipients of list <samba-ntdom at samba.anu.edu.au>
> Subject: Re: rpcclient
> matthew,
> tcpdump traces are difficult to follow: they don't decode dce/rpc packets.
> the other guy looking at this sent me a log.smb file which allowed me to
> deduce that smbd is terminating when it receives an LsaOpenPolicy query.
> thanks
> .

More information about the samba-ntdom mailing list