Search Results

Search found 1687 results on 68 pages for 'packet sniffing'.

Page 12/68 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

  • aireplay - reading but not sending

    - by oneat
    I'm trying aircrack injection, everything is working I authenticated, but aireplay is not working aireplay-ng -3 -b 00:12:2A:01:74:05 -h 78:e4:00:87:71:8b mon0 18:53:03 Waiting for beacon frame (BSSID: 00:12:2A:01:74:05) on channel 7 Saving ARP requests in replay_arp-0817-185303.cap You should also start airodump-ng to capture replies. Read 4988 packets (0 ARPs, 4 ACKs), sent 0 packets...(0 pps) Why isn't it working? Why isn't it sending packets? 03:00.0 Network controller: Atheros Communications Inc. AR928X Wireless Network Adapter (PCI-Express) (rev 01) I tested injection on injection test in aircrack tutorial, despite driver wasn't patched.

    Read the article

  • Is there a decent diagram of packet flow for a modern era (2.6+) iptables setup?

    - by stsquad
    I'm currently trying to debug a particularly hairy set of DNAT based iptables rules (the UDP reply never makes it back to the original requester) and I'm struggling to visualise the packet flow through all the numerous tables involved. So far Google'ing has shown me old 2.4 based ipchains ones. The netfilter site has some good text docs but is short on diagrams and a number of the external links are now dead. So is there a canonical diagram for iptables packet flow, preferably showing how NAT/Masqueraded packets are also dealt with?

    Read the article

  • Handling early/late/dropped packets for interpolation in a 3D multiplayer game

    - by Ben Cracknell
    I'm working on a multiplayer game that for the purposes of this question, is most similar to Team Fortress. Each network data packet will contain the 3D position of the target moving object. (this object could be another player) The packets are sent on a fixed interval, and linear interpolation will be used to smooth the transition between packets. Under normal circumstances, interpolation will occur between the second-to-last packet, and the last packet received. The linear interpolation algorithm is the same as this post: Interpolating positions in a multiplayer game I have the same issue as in that post, but the answers don't seem like they will work in my situation. Consider the following scenario: Normal packet timing, everything is okay The next expected packet is late. That's okay, we'll just extrapolate based on previous positions The late packet eventually arrives with corrections to our extrapolation. Now what do we do with its information? The answers on the above post suggest we should just interpolate to this new packet's position, but that would not work at all. If we have already extrapolated past that point in time, moving back would cause rubber-banding. The issue is similar in the case of an early or dropped packet. So I believe what I am looking for is some way to smoothly deal with new information in an ongoing interpolation/extrapolation process. Since I might be moving on to quadratic or even cubic interpolation, it would be great if the same solutiuon could be applied to those as well.

    Read the article

  • Wincap capture filtering expression syntax

    - by cpx
    How would specify a syntax for filtering tcp server port with its ip address? const char *packet_filter = "tcp src port 2054"; bpf_u_int32 netmask; bpf_program fcode; if (d->addresses != NULL) /* Retrieve the mask of the first address of the interface */ netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr; else /* If the interface is without an address we suppose to be in a C class network */ netmask=0xffffff; //compile the filter if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0) { fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n"); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } //set the filter if (pcap_setfilter(adhandle, &fcode) < 0) { fprintf(stderr,"\nError setting the filter.\n"); /* Free the device list */ pcap_freealldevs(alldevs); return -1; }

    Read the article

  • Scapy PcapReader and packets time

    - by auino
    I'm reading a PCAP file using Scapy using a script such as the (semplified) following one: #! /usr/bin/env python from scapy.all import * # ... myreader = PcapReader(myinputfile) for p in myreader: pkt = p.payload print pkt.time In this case the packets time is not relative to PCAP capture time, but starts from the instant I've launched my script. I'd like to start from 0.0 or to be relative to the PCAP capture. How can I fix it (possibly without "manually" retrieving the first packet time and repeatedly using math to fix the problem)?

    Read the article

  • PCAP Web Service Usage Logging for Dummies

    - by nick
    I've been assigned the task (for work) of working with PCAP for the first time in my life. I've read through the tutorials and have hacked together a real simple capture program which, it turns out, isn't that hard. However, making use of the data is more difficult. My goal is to log incomming and outgoing web service requests. Are there libraries (C or C++) that stitch together the packets from PCAP that would make reporting on this simple? Baring that is there something short of reading all of the RFC's from soup to nuts that will allow me to have an "ah-ha!" moment (all of the tutorials seem to stop at the raw packet level which isn't useful for me)? It looks like PERL has a library that may do this and I may eventually attempt a reverse engineer from PERL. NOTE BENE: Web Server logs aren't acceptable here as I will be intercepting on a routing device. If I had access to those I'd be done and happy...I don't.

    Read the article

  • Capture IP packets on Dialup connection - Windows 7

    - by Assaf Levy
    Our product utilizes (the wonderful) Winpcap to capture ip packets from all devices with an IP address and analyze them in real time. Unfortunately, we discovered that it does NOT capture any packets on dialup (e.g. PPP) connections on Windows 7, and that there are no near-term plans for enabling this (1). So we need something else. Microsoft Network Monitor and Windows Packet Filter are two options that surfaced during a bit of googling, but before delving into research I wanted to ask the experienced: what are out options, given the following requirements: Capture all in/outbound IP packets on the machine. Complete background processing - no UI should be involved. Support Windows Vista / 7. Performance (user should not feel the difference). Thanks in advance.

    Read the article

  • How do I fix issue causing "incomplete startup packet" log message trying to implement replication in Postgresql?

    - by colour me brad
    I've got two cloud servers running Ubuntu 13.04 and PostgreSQL 9.2. I've primarily used this blog post to aid me in setting things up. However, to do the initial database dump to the slave I'm using pg_start_backup/pg_stop_backup strategy used in this other blog post. I've read through the docs and postgres wikis as well. I ran into several problems I was able to solve, but I can't get past this wretched "the database is starting up" failure. I'm not sure if seeing "cp: cannot stat '/var/lib/postgresql/9.2/archive/00000001000000000000003A': No such file or directory" after "consistent recover state reached" is normal or the first sign of a problem. The searching I've done on "the database is starting up" and "incomplete startup packet" tells me that something is sending empty TCP packets to the slave. The only thing that even knows about the slave is the master, so I'm not sure why it's sending empty packets... Has anyone worked with this and have an idea what might be going wrong? The postgres log on the slave looks like so: 2013-08-26 13:01:38 CDT LOG: entering standby mode 2013-08-26 13:01:38 CDT LOG: restored log file "000000010000000000000039" from archive 2013-08-26 13:01:38 CDT LOG: incomplete startup packet 2013-08-26 13:01:39 CDT LOG: redo starts at 0/39000020 2013-08-26 13:01:39 CDT LOG: consistent recovery state reached at 0/390000E0 cp: cannot stat '/var/lib/postgresql/9.2/archive/00000001000000000000003A': No such file or directory 2013-08-26 13:01:39 CDT LOG: streaming replication successfully connected to primary 2013-08-26 13:01:39 CDT FATAL: the database system is starting up 2013-08-26 13:01:39 CDT FATAL: the database system is starting up 2013-08-26 13:01:40 CDT FATAL: the database system is starting up 2013-08-26 13:01:40 CDT FATAL: the database system is starting up 2013-08-26 13:01:41 CDT FATAL: the database system is starting up 2013-08-26 13:01:42 CDT FATAL: the database system is starting up 2013-08-26 13:01:42 CDT FATAL: the database system is starting up 2013-08-26 13:01:43 CDT FATAL: the database system is starting up 2013-08-26 13:01:43 CDT FATAL: the database system is starting up 2013-08-26 13:01:44 CDT FATAL: the database system is starting up 2013-08-26 13:01:44 CDT FATAL: the database system is starting up 2013-08-26 13:01:44 CDT LOG: incomplete startup packet 2013-08-26 13:03:27 CDT FATAL: the database system is starting up 2013-08-26 13:03:27 CDT FATAL: the database system is starting up 2013-08-26 13:03:30 CDT FATAL: the database system is starting up 2013-08-26 13:03:30 CDT FATAL: the database system is starting up thanks! brad

    Read the article

  • Other Ideas to troubleshoot Cisco IPSec VPN on OSX?

    - by Tawm
    We have one user running OSX Snow Leopard who is having issues staying connected to our VPN running off of an ASA5510. His connection can die even as he's actively pushing traffic across it or if he's been idle for a period of time. Other users on Snow Leopard, Lion, XP, Vista, 7 and various linux flavors are able to stay connected for 24hrs+ without issue We've deleted and remade the connection in System Preferences Networking, ran killall racoon (kills any lingering connections) Below are the logs from the user's system.log from a connect/disconnect cycle: Oct 10 21:22:25 username racoon[8192]: Connecting. Oct 10 21:22:25 username racoon[8192]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1). Oct 10 21:22:25 username racoon[8192]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2). Oct 10 21:22:25 username racoon[8192]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2). Oct 10 21:22:25 username racoon[8192]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode). Oct 10 21:22:25 username racoon[8192]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3). Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Mode-Config message). Oct 10 21:22:29 username racoon[8192]: IKEv1 XAUTH: success. (XAUTH Status is OK). Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Mode-Config message). Oct 10 21:22:29 username racoon[8192]: IKEv1 Config: retransmited. (Mode-Config retransmit). Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (MODE-Config). Oct 10 21:22:29 username configd[14]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.0.100), current interface setting (name: utun0, family: 1001, address: 10.215.8.53, subnet: 255.0.0.0, destination: 10.215.8.53). Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Oct 10 21:22:29 username configd[14]: network configuration changed. Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Oct 10 21:22:29 username racoon[8192]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Oct 10 21:22:29 username racoon[8192]: Connected. Oct 10 21:22:29 username configd[14]: SCNCController: Connected. Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Oct 10 21:22:29 username racoon[8192]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Oct 10 21:22:47 username login[8200]: USER_PROCESS: 8200 ttys003 Oct 10 21:22:48 username GrowlHelperApp[160]: Periodic CFURLCache Insert stats (iters: 17240) - Tx time:0.001749, # of Inserts: 1, # of bytes written: 304, Did shrink: NO, Size of cache-file: 26624, Num of Failures: 0 Oct 10 21:25:24 username login[7367]: DEAD_PROCESS: 7367 ttys002 Oct 10 21:25:31 username login[7907]: DEAD_PROCESS: 7907 ttys001 Oct 10 21:27:32 username configd[14]: SCNCController: Disconnecting. (Connection was up for, 303 seconds). Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message). Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA). Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message). Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA). Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message). Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). Oct 10 21:27:32 username racoon[8192]: Disconnecting. (Connection was up for, 302.766105 seconds). Oct 10 21:27:32 username configd[14]: network configuration changed. Oct 10 21:27:34 username login[8200]: DEAD_PROCESS: 8200 ttys003

    Read the article

  • What is causing a vm to exhibit packet loss?

    - by d03boy
    We have a pretty nice piece of hardware set up to run multiple virtual machines in vmware and one of the vm's is an instance of Windows Server 2003 running SQL Server 2005. For some reason we occasionally see 10-20 seconds of straight packet loss to this machine from remote machines (my workstation) as well as other vm's on the same physical hardware. I am using PingPlotter to keep a close eye on the packet loss. So far we've turned off flow control on the NIC but we are already running out of other things to try. What might be causing this and how can I identify the problem? Note: We also have another server with a very similar configuration with the same type of problem to a lesser extent (because its not used as heavily?)

    Read the article

  • How to get more NFS packet details from Wireshark?

    - by Joe Swanson
    How can I get Wireshark to give me details about NFS packets at this level of granularity? (as exemplified here here) Specifically, I am interesting in looking at the the "Stable" option toward the bottom. When I analyze captured packets (whether by capturing directly via Wireshark, importing from a tshark dump, or importing from a tcpdump dump), I do not see a "Network File System" section in the packet details. I only get general TCP information. It recognizes that a packet is destined for a NFS port, but I am not able to see these details. Any ideas?

    Read the article

  • What is causing a vm to exhibit packet loss?

    - by Joe Philllips
    We have a pretty nice piece of hardware set up to run multiple virtual machines in vmware and one of the vm's is an instance of Windows Server 2003 running SQL Server 2005. For some reason we occasionally see 10-20 seconds of straight packet loss to this machine from remote machines (my workstation) as well as other vm's on the same physical hardware. I am using PingPlotter to keep a close eye on the packet loss. So far we've turned off flow control on the NIC but we are already running out of other things to try. What might be causing this and how can I identify the problem? Note: We also have another server with a very similar configuration with the same type of problem to a lesser extent (because its not used as heavily?)

    Read the article

  • Attempting to caue packet loss with netem doesn't work - possibly because of NAT (but delay does work)

    - by tomdee
    I have traffic from a WIFI access point routed via an Ubuntu box. I have two network interfaces which are NATed *filter :INPUT ACCEPT [11:690] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [37:6224] -A FORWARD -s 192.168.2.0/24 -i eth1 -o eth0 -m conntrack --ctstate NEW -j ACCEPT -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Thu Mar 15 13:37:21 2012 # Generated by iptables-save v1.4.10 on Thu Mar 15 13:37:21 2012 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -j MASQUERADE COMMIT If I run a ping app on an Android device connected to the WIFI network I can happily ping google. If I use netem to introduce some delay tc qdisc change dev eth0 root netem delay 100ms I can clearly see pings taking longer. If I use netem to introduce some packet loss tc qdisc change dev ifb0 root netem loss 50% then I see no change. Packet loss does work fine for locally generated traffic, just not for traffic coming in over the network that's being NATed. Any ideas how to sort this out?

    Read the article

  • tcpdump on dd-wrt router

    - by Senica Gonzalez
    I'm trying to capture packets from two devices on my network. I have tcpdump installed on my dd-wrt router and working correctly. However, the only packets I capture are broadcast packets when using a tcpdump statement that states only those two devices ./tcpdump -w /tmp/capture.pcap dst 192.168.3.105 or src 192.168.3.105 or dst 192.168.3.136 or src 192.168.3.136 I'm capturing on intefface br0. Is that correct? Both devices are plugged in directly to the ports 1 and 2 with ip addresses 192.168.3.105 and 192.168.3.136 respectively. Do I need to set br0 in promiscuous mode? A little stuck. Thanks.

    Read the article

  • Issue reading packets from a pcap file. dpkt

    - by Chris
    I am running the following test script to try to read packets from a sample .pcap file I have downloaded. import socket import dpkt import sys pcapReader = dpkt.pcap.Reader(file("test1.pcap", "rb")) for ts, data in pcapReader: ether = dpkt.ethernet.Ethernet(data) if ether.type != dpkt.ethernet.ETH_TYPE_IP: raise ip = ether.data src = socket.inet_ntoa(ip.src) dst = socket.inet_ntoa(ip.dst) print "%s -> %s" % (src, dst) For some reason, this is not being interpreted properly. When running it, I get KeyError: 138 module body in test.py at line 4 function __init__ in pcap.py at line 105 Program exited. Why is this? What's wrong?

    Read the article

  • Network programming and Packets interactions.

    - by Eyla
    Greeting, This month I will start working on my master thesis. My thesis's subject is about network security. I need to deal with network interfaces and packets. I've used shappcap before to interact with packets but I'm not sure if C# is the most powerful language to deal with network programing and packets. I worked a bit with winshark and I saw how powerful it is and as you know winsharp is open source developed using C++. I'm not sure if I should use C# or C++ for network security programming and I want your through about the best language might be for network programming and packets interaction. should I use C#, C++, or java or some thing else? please give me your advice. Thank you,

    Read the article

  • How to capture HTTP response with C#?

    - by Mika Kolari
    How do I capture HTTP response when the request is made by web browser? Webpage retrieves data (with post) from a service. Service returns a json object. What I want is to capture that json and parse it in realtime. What would be the simplest way to do it?

    Read the article

  • extract payload from tcpflow output

    - by Felipe Alvarez
    Tcpflow outputs a bunch of files, many of which are HTTP responses from a web server. Inside, they contain HTTP headers, including Content-type: , and other important ones. I'm trying to write a script that can extract just the payload data (i.e. image/jpeg; text/html; et al.) and save it to a file [optional: with an appropriate name and file extension]. The EOL chars are \r\n (CRLF) and so this makes it difficult to use in GNU distros (in my experiences). I've been trying something along the lines of: sed /HTTP/,/^$/d To delete all text from the the beginning of HTTP (incl) to the end of \r\n\r\n (incl) but I have found no luck. I'm looking for help from anyone with good experience in sed and/or awk. I have zero experience with Perl, please I'd prefer to use common GNU command line utilities for this Find a sample tcpflow output file here. Thanks, Felipe

    Read the article

  • missing elements from pcap?

    - by Matthew
    When I check the attributes available to the module pcap, I expect to see something like 'DLT_AIRONET_HEADER', 'DLT_APPLE_IP_OVER_IEEE1394', 'DLT_ARCNET', 'DLT_ARCNET_LINUX', 'DLT_ATM_CLIP', 'DLT_ATM_RFC1483', 'DLT_AURORA', 'DLT_AX25', 'DLT_CHAOS', 'DLT_CISCO_IOS', 'DLT_C_HDLC', 'DLT_DOCSIS', 'DLT_ECONET', 'DLT_EN10MB', 'DLT_EN3MB', 'DLT_ENC', 'DLT_FDDI', 'DLT_FRELAY', 'DLT_IEEE802', 'DLT_IEEE802_11', 'DLT_IEEE802_11_RADIO', 'DLT_IEEE802_11_RADIO_AVS', 'DLT_IPFILTER', 'DLT_IP_OVER_FC', 'DLT_JUNIPER_ATM1', 'DLT_JUNIPER_ATM2', 'DLT_JUNIPER_ES', 'DLT_JUNIPER_GGSN', 'DLT_JUNIPER_MFR', 'DLT_JUNIPER_MLFR', 'DLT_JUNIPER_MLPPP', 'DLT_JUNIPER_MONITOR', 'DLT_JUNIPER_SERVICES', 'DLT_LINUX_IRDA', 'DLT_LINUX_SLL', 'DLT_LOOP', 'DLT_LTALK', 'DLT_NULL', 'DLT_PFLOG', 'DLT_PPP', 'DLT_PPP_BSDOS', 'DLT_PPP_ETHER', 'DLT_PPP_SERIAL', 'DLT_PRISM_HEADER', 'DLT_PRONET', 'DLT_RAW', 'DLT_RIO', 'DLT_SLIP', 'DLT_SLIP_BSDOS', 'DLT_SUNATM', 'DLT_SYMANTEC_FIREWALL', 'DLT_TZSP', 'builtins', 'doc', 'file', 'name', '_newclass', '_object', '_pcap', '_swig_getattr', '_swig_setattr', 'aton', 'dltname', 'dltvalue', 'findalldevs', 'lookupdev', 'lookupnet', 'ntoa', 'pcapObject', 'pcapObjectPtr'] With note on pcapObject. However, all I get when running dir(pcap) is ['DLT_ARCNET', 'DLT_AX25', 'DLT_CHAOS', 'DLT_EN10MB', 'DLT_EN3MB', 'DLT_FDDI', 'DLT_IEEE802', 'DLT_LINUX_SLL', 'DLT_LOOP', 'DLT_NULL', 'DLT_PFLOG', 'DLT_PFSYNC', 'DLT_PPP', 'DLT_PRONET', 'DLT_RAW', 'DLT_SLIP', 'author', 'builtins', 'copyright', 'doc', 'file', 'license', 'name', 'url', 'version', 'bpf', 'dltoff', 'ex_name', 'lookupdev', 'pcap', 'sys'] Noting the lack of pcapObject. Why is this? What could cause this?

    Read the article

  • Python port forwarding/multiplexing server

    - by Ib33X
    I would like to make server that listen on UDP port 162 (SNMP trap) and then forwards this traffic to multiple clients. Also important is that the source port & address stays same (address spoofing). I guess that best tool for this would be Twisted or Scapy or mybe vanilla sockets, only I can't find anything in the documentation for Twisted about source address spoofing/forging. What would you recommend me to do? Edit:added bounty

    Read the article

  • libnet that properly calculates checksum on IPV6

    - by VeaEm
    I have recently started playing around with libnet and using it to generate IPV6 packets. I am very new at programming, however, I am quite happy with the library. I have one problem with it though. It seems that libnet currently does not have the ability to properly calculate checksums on IPV6 packets. Being so new to programming, I am not yet capable of fixing this problem (although I am learning, so that one day I can). I am curious, has anyone run across a version of the library that can do this properly? Thanks!

    Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >