Home page logo

wireshark logo Wireshark mailing list archives

Visualising the opening and accessing a file via SMB
From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Fri, 28 Jun 2013 10:44:26 -0700

Hi folks,

I see a need for a tool like the following.

Take a capture of SMB1 or SMB2 traffic and draw a chart vertically showing:

Opens and closes of a specified (or all) file(s) with
nested/overlapping opens/closes showing up in different colors.
OpLock breaks and locks and reads/writes showing up as well.

The reason for this is so we can more easily see what is happening
between one or more clients.

Has anyone done anything like this or is there a framework I can start with?

Richard Sharpe
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

  By Date           By Thread  

Current thread:
  • Visualising the opening and accessing a file via SMB Richard Sharpe (Jun 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]