1748069 Members
5645 Online
108758 Solutions
New Discussion юеВ

Re: TRC Files

 
Hari Shankar S
Advisor

TRC Files

Can someone please tell me the method to open trc files. It contains some tcpdumps for an ftp issue.
7 REPLIES 7
Steven Schweda
Honored Contributor

Re: TRC Files

"HELP OPEN"?
"HELP EDIT"?
HELP ME? What are "trc files"? Made how?
Why? Is there some actual problem which you
are trying to solve? Care to reveal it?
Hari Shankar S
Advisor

Re: TRC Files

Actually, I am working on a problem with ftp. To aid in my debugging, I was sent these ".trc" files. They are supposed to contain tcpdump information. When I try to open them using the "open", "edit" or "type" command, I am able to open then but I get a lot of junk values with a bit of useful information. So I just wanted to if there any other way to open it properly.
Hein van den Heuvel
Honored Contributor

Re: TRC Files

'Junk' values is not very decsriptive.
To make sense out of them, you may to try DUMP.

First use a DIR / FULL and look a the Record Attributes. That defines what to expect.

Next DUMP/RECOR=COU=3 or DUMP/BLOC=COUNT=1.
Let the numbers and text speak to you for a while. Does it look like text, or binary data? Can you 'see' a part of the file being transferred?

You may need a command like SET FILE/ATTR=(RFM=VAR,RAT=STM) to make the file attributes re-match the file data. Then type/page or edit the file.

If you need further help then be sure to attach a TEXT file with DIR/FULL output and DUMP/BLOCK=COUNT=1.
If there is sensitive data, then MASK that out with say ???? in text and hex part.

Good luck!
Hein.
Steven Schweda
Honored Contributor

Re: TRC Files

> They are supposed to contain tcpdump
> information.

I now know about as much as I did before.

> I was sent these ".trc" files.

Ask the fellow who sent them?
Oswald Knoppers_1
Valued Contributor

Re: TRC Files

If these files contain tcpdump info I would copy them (binary mode) to a PC and use wireshark (http://www.wireshark.org/) to interpret them.

Oswald
Hari Shankar S
Advisor

Re: TRC Files

Thanks to all of you for your help. I now know that these .trc files are Sniffer Capture File. It was created using tcpdump with the -w option. It can be read using tcpdump itself using the -r option.

Wireshark, as Oswald had suggested, might also work.

And special thanks to Hein for such a descreptive answer.
Hari Shankar S
Advisor

Re: TRC Files

Thanks to all of you for your help. I now know that these .trc files are Sniffer Capture File. It was created using tcpdump with the -w option. It can be read using tcpdump itself using the -r option.

Wireshark, as Oswald had suggested, might also work.

And special thanks to Hein for such a descreptive answer.