Skip to content
Network captures for examples in Windows protocols overview documents
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
MS-NETOD--captureALL
MS-PRSOD--captureALL RS3 Jun 29, 2018
[MS-ADFSOD]-captureALL ADFSOD Captures Files Jan 9, 2018
[MS-ADOD]-captureALL MS-ADOD captures for RS4 Jun 29, 2018
[MS-AUTHSOD]-captureALL RS4 Jun 29, 2018
[MS-AZOD]-captureALL RS4 Jun 29, 2018
[MS-CCROD]-captureALL CCROD_Ex1-2_matpFormat Dec 20, 2017
[MS-CERSOD]-captureALL RS4 Captures Jun 29, 2018
[MS-FASOD]-captureALL RS4 Jun 29, 2018
[MS-GPOD]-captureALL MS-GPOD Sep 26, 2016
[MS-RDSOD]-captureALL RS4 Jun 29, 2018
[MS-RMSOD]-captureALL
[MS-STOROD]-captureALL MS-STOROD Sep 26, 2016
[MS-VSOD]-captureALL RS4 Jun 29, 2018
[MS-WMOD]-captureALL New cap files for [MS-WMOD] Nov 22, 2016
[MS-WSUSOD]-captureALL New cap files for [MS-WSUSOD] Nov 22, 2016
LICENSE.md Adding required files Sep 26, 2016
README.md 19H1 May 30, 2019
[MS-ADFSOD]-captureALL.zip RS5 - Message Analyzer and WireShark formats Nov 5, 2018
[MS-ADOD]-190530-captureALL.zip 19H1 May 30, 2019
[MS-CERSOD]-190530-captureALL.zip
[MS-CERSOD]-captureALL.zip RS5 - Message Analyzer format Nov 14, 2018
[MS-FASOD]-190530-captureALL.zip
[MS-RDSOD]-190530-captureALL.zip 19H1 May 30, 2019
[MS-RDSOD]-captureALL.zip RS5 - Message Analyzer format Nov 5, 2018
faq.md Update faq.md May 30, 2019

README.md

Latest news

May 30 2019 - Windows 10/Windows Server 2019 (19H1) network captures in WireShark format (.pcapng) and Microsoft Message Analyzer format (.matp) added for MS-ADOD and MS-FASOD and network captures in Microsoft Message Analyzer format (.matp) added for MS-CERSOD and MS-RDSOD.

Archived news

November 5 2018 - Windows RS5 network captures in Microsoft Message Analyzer format (.matp) added for MS-CERSOD and MS-RDSOD, network captures in WireShark format (.pcapng) added for MS-ADFSOD June 29 2018 - Windows RS4 network captures in Microsoft Message Analyzer format (.matp) added for 7 ODs: MS-ADOD, MS-AUTHSOD, MS-AZOD, MS-FASOD, MS-CERSOD, MS-RDSOD, and MS-VSOD.

prot-od-netCaps

This project contains annotated network captures for examples in Windows protocols overview documents. Overview Documents describe how related protocols work together to support common scenarios and are published at MSDN under Windows Protocols/Overview Documents at http://msdn.microsoft.com/en-us/library/hh128055(v=prot.13). Use either Network Monitor (NetMon) or Message Analyzer to open and examine the network capture files. For more information on setting up and using Netmon with these captures, see UsingTheEUODCaptures.docx. For information on viewing these captures in Message Analyzer, see http://technet.microsoft.com/en-us/library/jj673503.aspx.

Details on folders

Network captures for the scenarios covered in a particular Overview Document are released together in a single folder with a file name composed of the "short name" of the Overview Document, for example [MS-ADFSOD]-captureALL. In the .matp capture files included in the folders, the Windows product version used to generate the captures is included in the name, for example MS-ADFSOD_Example1_WIN2016_X64_WIN10_X64_Domain.matp. In addition, the annotations in each network capture file include the published date (in the footer) of the Overview Document used to generate the captures.

You can’t perform that action at this time.