This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

After capturing some Apache Derby traffic (which also use DRDA) there are some unknown codepoints in wireshark.

  • DDM codepoint 0xc000
  • Parameter codepoint 0x01 (within a SQLSTT DDM)
  • Parameter codepoint 0xc001(within 0xc000 DDM)
  • Parameter codepoint 0xc002 (within 0xc000 DDM)

It seems also that wireshark sometimes does not detect parameters within a DDM, see https://raw.githubusercontent.com/salyh/_pics/master/drda1.png

PCAP: https://github.com/salyh/_pics/blob/master/drda_toursdb.pcap?raw=true

asked 29 Mar '16, 13:26

salyh's gravatar image

salyh
6112
accept rate: 0%


Please open a bug report requesting that Wireshark dissect these code points (and attach the PCAP to the bug report) That's the proper way to report bugs or request enhancements (this is a Q&A site).

permanent link

answered 29 Mar '16, 17:08

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572
accept rate: 27%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×637
×10
×1

question asked: 29 Mar '16, 13:26

question was seen: 922 times

last updated: 30 Mar '16, 05:55

p​o​w​e​r​e​d by O​S​Q​A