Search Results

Search found 1582 results on 64 pages for 'packet snifers'.

Page 11/64 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • What is causing a vm to exhibit packet loss?

    - by d03boy
    We have a pretty nice piece of hardware set up to run multiple virtual machines in vmware and one of the vm's is an instance of Windows Server 2003 running SQL Server 2005. For some reason we occasionally see 10-20 seconds of straight packet loss to this machine from remote machines (my workstation) as well as other vm's on the same physical hardware. I am using PingPlotter to keep a close eye on the packet loss. So far we've turned off flow control on the NIC but we are already running out of other things to try. What might be causing this and how can I identify the problem? Note: We also have another server with a very similar configuration with the same type of problem to a lesser extent (because its not used as heavily?)

    Read the article

  • How to get more NFS packet details from Wireshark?

    - by Joe Swanson
    How can I get Wireshark to give me details about NFS packets at this level of granularity? (as exemplified here here) Specifically, I am interesting in looking at the the "Stable" option toward the bottom. When I analyze captured packets (whether by capturing directly via Wireshark, importing from a tshark dump, or importing from a tcpdump dump), I do not see a "Network File System" section in the packet details. I only get general TCP information. It recognizes that a packet is destined for a NFS port, but I am not able to see these details. Any ideas?

    Read the article

  • What is causing a vm to exhibit packet loss?

    - by Joe Philllips
    We have a pretty nice piece of hardware set up to run multiple virtual machines in vmware and one of the vm's is an instance of Windows Server 2003 running SQL Server 2005. For some reason we occasionally see 10-20 seconds of straight packet loss to this machine from remote machines (my workstation) as well as other vm's on the same physical hardware. I am using PingPlotter to keep a close eye on the packet loss. So far we've turned off flow control on the NIC but we are already running out of other things to try. What might be causing this and how can I identify the problem? Note: We also have another server with a very similar configuration with the same type of problem to a lesser extent (because its not used as heavily?)

    Read the article

  • Attempting to caue packet loss with netem doesn't work - possibly because of NAT (but delay does work)

    - by tomdee
    I have traffic from a WIFI access point routed via an Ubuntu box. I have two network interfaces which are NATed *filter :INPUT ACCEPT [11:690] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [37:6224] -A FORWARD -s 192.168.2.0/24 -i eth1 -o eth0 -m conntrack --ctstate NEW -j ACCEPT -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Thu Mar 15 13:37:21 2012 # Generated by iptables-save v1.4.10 on Thu Mar 15 13:37:21 2012 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -j MASQUERADE COMMIT If I run a ping app on an Android device connected to the WIFI network I can happily ping google. If I use netem to introduce some delay tc qdisc change dev eth0 root netem delay 100ms I can clearly see pings taking longer. If I use netem to introduce some packet loss tc qdisc change dev ifb0 root netem loss 50% then I see no change. Packet loss does work fine for locally generated traffic, just not for traffic coming in over the network that's being NATed. Any ideas how to sort this out?

    Read the article

  • tcpdump on dd-wrt router

    - by Senica Gonzalez
    I'm trying to capture packets from two devices on my network. I have tcpdump installed on my dd-wrt router and working correctly. However, the only packets I capture are broadcast packets when using a tcpdump statement that states only those two devices ./tcpdump -w /tmp/capture.pcap dst 192.168.3.105 or src 192.168.3.105 or dst 192.168.3.136 or src 192.168.3.136 I'm capturing on intefface br0. Is that correct? Both devices are plugged in directly to the ports 1 and 2 with ip addresses 192.168.3.105 and 192.168.3.136 respectively. Do I need to set br0 in promiscuous mode? A little stuck. Thanks.

    Read the article

  • Issue reading packets from a pcap file. dpkt

    - by Chris
    I am running the following test script to try to read packets from a sample .pcap file I have downloaded. import socket import dpkt import sys pcapReader = dpkt.pcap.Reader(file("test1.pcap", "rb")) for ts, data in pcapReader: ether = dpkt.ethernet.Ethernet(data) if ether.type != dpkt.ethernet.ETH_TYPE_IP: raise ip = ether.data src = socket.inet_ntoa(ip.src) dst = socket.inet_ntoa(ip.dst) print "%s -> %s" % (src, dst) For some reason, this is not being interpreted properly. When running it, I get KeyError: 138 module body in test.py at line 4 function __init__ in pcap.py at line 105 Program exited. Why is this? What's wrong?

    Read the article

  • Network programming and Packets interactions.

    - by Eyla
    Greeting, This month I will start working on my master thesis. My thesis's subject is about network security. I need to deal with network interfaces and packets. I've used shappcap before to interact with packets but I'm not sure if C# is the most powerful language to deal with network programing and packets. I worked a bit with winshark and I saw how powerful it is and as you know winsharp is open source developed using C++. I'm not sure if I should use C# or C++ for network security programming and I want your through about the best language might be for network programming and packets interaction. should I use C#, C++, or java or some thing else? please give me your advice. Thank you,

    Read the article

  • How to capture HTTP response with C#?

    - by Mika Kolari
    How do I capture HTTP response when the request is made by web browser? Webpage retrieves data (with post) from a service. Service returns a json object. What I want is to capture that json and parse it in realtime. What would be the simplest way to do it?

    Read the article

  • missing elements from pcap?

    - by Matthew
    When I check the attributes available to the module pcap, I expect to see something like 'DLT_AIRONET_HEADER', 'DLT_APPLE_IP_OVER_IEEE1394', 'DLT_ARCNET', 'DLT_ARCNET_LINUX', 'DLT_ATM_CLIP', 'DLT_ATM_RFC1483', 'DLT_AURORA', 'DLT_AX25', 'DLT_CHAOS', 'DLT_CISCO_IOS', 'DLT_C_HDLC', 'DLT_DOCSIS', 'DLT_ECONET', 'DLT_EN10MB', 'DLT_EN3MB', 'DLT_ENC', 'DLT_FDDI', 'DLT_FRELAY', 'DLT_IEEE802', 'DLT_IEEE802_11', 'DLT_IEEE802_11_RADIO', 'DLT_IEEE802_11_RADIO_AVS', 'DLT_IPFILTER', 'DLT_IP_OVER_FC', 'DLT_JUNIPER_ATM1', 'DLT_JUNIPER_ATM2', 'DLT_JUNIPER_ES', 'DLT_JUNIPER_GGSN', 'DLT_JUNIPER_MFR', 'DLT_JUNIPER_MLFR', 'DLT_JUNIPER_MLPPP', 'DLT_JUNIPER_MONITOR', 'DLT_JUNIPER_SERVICES', 'DLT_LINUX_IRDA', 'DLT_LINUX_SLL', 'DLT_LOOP', 'DLT_LTALK', 'DLT_NULL', 'DLT_PFLOG', 'DLT_PPP', 'DLT_PPP_BSDOS', 'DLT_PPP_ETHER', 'DLT_PPP_SERIAL', 'DLT_PRISM_HEADER', 'DLT_PRONET', 'DLT_RAW', 'DLT_RIO', 'DLT_SLIP', 'DLT_SLIP_BSDOS', 'DLT_SUNATM', 'DLT_SYMANTEC_FIREWALL', 'DLT_TZSP', 'builtins', 'doc', 'file', 'name', '_newclass', '_object', '_pcap', '_swig_getattr', '_swig_setattr', 'aton', 'dltname', 'dltvalue', 'findalldevs', 'lookupdev', 'lookupnet', 'ntoa', 'pcapObject', 'pcapObjectPtr'] With note on pcapObject. However, all I get when running dir(pcap) is ['DLT_ARCNET', 'DLT_AX25', 'DLT_CHAOS', 'DLT_EN10MB', 'DLT_EN3MB', 'DLT_FDDI', 'DLT_IEEE802', 'DLT_LINUX_SLL', 'DLT_LOOP', 'DLT_NULL', 'DLT_PFLOG', 'DLT_PFSYNC', 'DLT_PPP', 'DLT_PRONET', 'DLT_RAW', 'DLT_SLIP', 'author', 'builtins', 'copyright', 'doc', 'file', 'license', 'name', 'url', 'version', 'bpf', 'dltoff', 'ex_name', 'lookupdev', 'pcap', 'sys'] Noting the lack of pcapObject. Why is this? What could cause this?

    Read the article

  • extract payload from tcpflow output

    - by Felipe Alvarez
    Tcpflow outputs a bunch of files, many of which are HTTP responses from a web server. Inside, they contain HTTP headers, including Content-type: , and other important ones. I'm trying to write a script that can extract just the payload data (i.e. image/jpeg; text/html; et al.) and save it to a file [optional: with an appropriate name and file extension]. The EOL chars are \r\n (CRLF) and so this makes it difficult to use in GNU distros (in my experiences). I've been trying something along the lines of: sed /HTTP/,/^$/d To delete all text from the the beginning of HTTP (incl) to the end of \r\n\r\n (incl) but I have found no luck. I'm looking for help from anyone with good experience in sed and/or awk. I have zero experience with Perl, please I'd prefer to use common GNU command line utilities for this Find a sample tcpflow output file here. Thanks, Felipe

    Read the article

  • Python port forwarding/multiplexing server

    - by Ib33X
    I would like to make server that listen on UDP port 162 (SNMP trap) and then forwards this traffic to multiple clients. Also important is that the source port & address stays same (address spoofing). I guess that best tool for this would be Twisted or Scapy or mybe vanilla sockets, only I can't find anything in the documentation for Twisted about source address spoofing/forging. What would you recommend me to do? Edit:added bounty

    Read the article

  • libnet that properly calculates checksum on IPV6

    - by VeaEm
    I have recently started playing around with libnet and using it to generate IPV6 packets. I am very new at programming, however, I am quite happy with the library. I have one problem with it though. It seems that libnet currently does not have the ability to properly calculate checksums on IPV6 packets. Being so new to programming, I am not yet capable of fixing this problem (although I am learning, so that one day I can). I am curious, has anyone run across a version of the library that can do this properly? Thanks!

    Read the article

  • Scapy install issues. Nothing seems to actually be installed?

    - by Chris
    I have an apple computer running Leopard with python 2.6. I downloaded the latest version of scapy and ran "python setup.py install". All went according to plan. Now, when I try to run it in interactive mode by just typing "scapy", it throws a bunch of errors. What gives! Just in case, here is the FULL error message.. INFO: Can't import python gnuplot wrapper . Won't be able to plot. INFO: Can't import PyX. Won't be able to use psdump() or pdfdump(). ERROR: Unable to import pcap module: No module named pcap/No module named pcapy ERROR: Unable to import dnet module: No module named dnet Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/runpy.py", line 122, in _run_module_as_main "__main__", fname, loader, pkg_name) File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/runpy.py", line 34, in _run_code exec code in run_globals File "/Users/owner1/Downloads/scapy-2.1.0/scapy/__init__.py", line 10, in <module> interact() File "scapy/main.py", line 245, in interact scapy_builtins = __import__("all",globals(),locals(),".").__dict__ File "scapy/all.py", line 25, in <module> from route6 import * File "scapy/route6.py", line 264, in <module> conf.route6 = Route6() File "scapy/route6.py", line 26, in __init__ self.resync() File "scapy/route6.py", line 39, in resync self.routes = read_routes6() File "scapy/arch/unix.py", line 147, in read_routes6 lifaddr = in6_getifaddr() File "scapy/arch/unix.py", line 123, in in6_getifaddr i = dnet.intf() NameError: global name 'dnet' is not defined

    Read the article

  • Algorithm for non-contiguous netmask match

    - by Gianluca
    Hi, I have to write a really really fast algorithm to match an IP address to a list of groups, where each group is defined using a notation like 192.168.0.0/252.255.0.255. As you can see, the bitmask can contain zeros even in the middle, so the traditional "longest prefix match" algorithms won't work. If an IP matches two groups, it will be assigned to the group containing most 1's in the netmask. I'm not working with many entries (let's say < 1000) and I don't want to use a data structure requiring a large memory footprint (let's say 1-2 MB), but it really has to be fast (of course I can't afford a linear search). Do you have any suggestion? Thanks guys. UPDATE: I found something quite interesting at http://www.cse.usf.edu/~ligatti/papers/grouper-conf.pdf, but it's still too memory-hungry for my utopic use case

    Read the article

  • What's the BPF for HTTP?

    - by Gtker
    The definition can be seen here. The candidate answer may be tcp and dst port 80,but can tcp and dst port 80 guarantee it's HTTP traffic and includes all HTTP traffic? It seems not,because some site can be visited by specifying a different port other than 80 this way: http://domain.name:8080 So my question is: what's the exact BPF for HTTP?

    Read the article

  • how does teamviewer find my computer even if my comp. behind of the firewall and firewall isn't conf

    - by uzay95
    Did you use teamviewer? (comic question i know... Who doesn't use it?) Do you have any idea how does teamviewer make connection even if i am behind the router, firewall, switch and my local firewall..? I'm trying to imagine a connection that is between remote machinge and my computer. Remote machine is sending the packets (and its header (for instance, destination IP, message body)) to me but it only knows my id number(which is given by my local teamviewer application). And this packets are reaching to my computer even if there is a juniper firewall (and also my windows firewall). What kind a message body is recieving by computer? (of course it is not like xml, text, html, excel :) Do you have any idea? PS. Please share your knowledge like you are explaining to beginner level user.

    Read the article

  • Example of moving from MySQL to NoSQL?

    - by OverTheRainbow
    Hello, For a Facebook-like site, ie. which is write-intensive and delivers user-customized pages, I'd like to build a prototype to investigate whether the document-centric NoSQL architecture would be a good alternative to sharding and reduce the load on the single master (+ multiple slaves) that we currently use and is the bottleneck. Does someone know of a good article that would give actual, simple examples of going from a relational layout in MySQL to a NoSQL layout? Thank you.

    Read the article

  • How can I edit a js file sent by the server before it gets to my browser?

    - by pstone
    During a normal browsing session I want to edit a specific javascript file before the browser receives since once it gets there it's impossible to edit. Is there are any tool for this? For what I need it I can't just save it and edit it on my disk. I'm ready to learn how to program it myself but if anyone can point out more or less what I have to do I'd be very grateful. I'd have to intercept the packets until I have the whole file while blocking the browser from receiving it any part of it, then edit it manually and forward it to the same port. I don't think I can do this by just using pcap, I've read a bit about scapy but I'm not sure if it can help me either. Thanks in advance.

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >