This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decryption of ISKAMP Packets in wireshark version 1.8.0

0

Hi,

Decrypting of the ISKAMP packet results in expert info/malformed Packet. When we are decrypting the ISKAMP Packet in wireshark it results in a MALFORMED Packet. Can anyone please help me with this.

Regards, Sharad

This question is marked "community wiki".

asked 17 Jul '12, 11:00

Sharad%20Kodkani's gravatar image

Sharad Kodkani
1111
accept rate: 0%

edited 23 Jul '12, 12:49

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237

Sharad how did you decrypt ISKAMP packet, I need a little help here: http://ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-packets

(21 Jul '12, 11:06) chetan1989

2 Answers:

0

I'd suggest you open a bug report, including a sample capture complete with any keys necessary to decrypt it so someone with some free time can take a look.

answered 23 Jul '12, 07:04

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572
accept rate: 27%

Hi jeff and kurt,

Thanks a lot for the reply, Please let me know how do i raise a bug in Wireshark.

Regards, Sharad

(23 Jul '12, 11:32) Sharad Kodkani

please follow the instructions on https://bugs.wireshark.org

(23 Jul '12, 12:25) Kurt Knochner ♦

0

During my tests (see this answer) I had some MALFORMED packets too.

After I restarted Wireshark, the MALFORMED packets were gone. So, it looks like a bug for me. As @JeffMorriss said, please file a bug report with sample data. Actually, you can use my sample data from this answer.

Regards
Kurt

answered 23 Jul '12, 09:15

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 23 Jul '12, 12:33