Wireshark does not distinguish ACSE and MMS PDU

Question

Wireshark does not distinguish ACSE and MMS PDU

I work with message processing (MMS) in wirehark. The tool cannot cut through the ACSE layer. It does not show any errors, but it shows ACSE data as part of MMS, that is, MMS is displayed after the presentation level. Please help if there is a way for wiring to distinguish between both layers.

Thanks.

+6

wireshark wireshark-dissector

user_abh May 25 '12 at 11:47

source share

1 answer

Ortomala lokni · Answer 1 · 2016-10-02T18:14:09+0000

This question is from 2012, but in 2016 Wireshark 2.2.0 is able to analyze ACSE (control service control) in MMS PDUs. To test it, you can download MMS sample capture data from the Wireshark website and open it in Wireshark. You will see a dissected ACSE, for example:

ISO 8650-1 OSI Association Control Service aarq Padding: 7 protocol-version: 80 (version1) aSO-context-name: 1.0.9506.1.1 (iso.0.9506.1.1) called-AP-title: ap-title-form2 (1) called-AE-qualifier: aso-qualifier-form2 (1) calling-AP-title: ap-title-form2 (1) calling-AE-qualifier: aso-qualifier-form2 (1) user-information: 1 item

Wireshark does not distinguish ACSE and MMS PDU

More articles: