Search Results

Search found 111 results on 5 pages for 'sniff'.

Page 3/5 | < Previous Page | 1 2 3 4 5  | Next Page >

• What is an application for "web site recognition"?

  - by OSX Jedi

  This explanation isn't clear to me. Let me describe an application for web site recognition. Suppose that we want to know what everyone is doing with the web at starbuck. We can use wireshark or other programs to sniff all the packets. By grouping all the secondary connections with the primary one, then we would be able to get a much easier picture of user's primary activities. Is this talking about being able to recognize which websites each of the laptops are connecting to?

  Read the article

• A website hosted on the 1.0.0.0/8 subnet, somewhere on the Internet?

  - by Dave Markle

  Background I'm attempting to demonstrate, using a real-world example, of why someone would not want to configure their internal network on the 1.0.0.0/8 subnet. Obviously it's because this is not designated as private address space. As of 2010, ARIN has apparently allocated 1.0.0.0/8 to APNIC (the Asia-Pacific NIC), who seems to have begun assigning addresses in that subnet, though not in 1.1.0.0/16, 1.0.0.0/16, and others (because these addresses are so polluted by bad network configurations all around the Internet). My Question My question is this: I'd like to find a website that responds on this subnet somewhere and use it as a counter-example, demonstrating to a non-technical user its inaccessibility from an internal network configured on 1.0.0.0/8. Other than writing a program to sniff all ~16 million hosts, looking for a response on port 80, does anyone know of a directory I can use, or even better yet, does anyone know of a site that's configured on this subnet? WHOIS seems to be too general of a search for me at this point...

  Read the article

• Best Practices in Preventing Locks in File sharing in Windows?

  - by crosenblum

  We have a web development server, that has our source control on it. That we use via mapped drives to open/edit/save/create files on to it. But I have noticed a lot of weird glitches with either the file lock/sharing/etc For example, if i have a file open on my local pc, and try to check out that file via my source control on dev, it error's out. The source control I use is QCVS by Qumasoft. Or If I use cuteftp to download something to dev, via my local pc, it won't download unless I close that file. So my brain sniff's and figures this is either an issue with folder/network/sharing, or an issue of permissions. Has anyone else had similar issues, and what did they do to fix it permanently? Thank you...

  Read the article

• Why does my win7 back ground and theme settings reset to default after every reboot ?

  - by JubJub

  I have the new ASUS G73. Everything is perfect, but for unknown reasons to me after customizing the background and theme colors, rebooting resets all these back to default (the theme that originally came with the laptop) Is there a way to stop this madness? Is there some kind of configuration reset app that runs on start up for ASUS computers? This is my first ASUS so I don't know what to expect with the factory bloatware. No, I don't feel like re-installing bare-bones windows just to get rid of the bloatware. Everything works fine except for this one little thing :( Sniff.

  Read the article

• Setting up a linux switch

  - by Shahmir Javaid

  I have a C++ Program to sniff each and every packet that crosses my linux box. However i need to now get my linux box to listen to every traffic in my network. I could buy a managed switch and set up port spanning, but i aint paying 200+ £'s for a switch and plus gives me a chance to learn. My Network +---------Computer A | Internet-----Router------Switch-------------+---------Linux Box | +---------Computer B Proposed Network +---------Computer A | Internet-----Router------Linux Box--------Switch eth0^ ^eth1 | +---------Computer B How would i setup this in linux. Do i just configure both the ethernet on different IP Address on the same network. Or am i completelly on the wrong track My System Fedora 13. Thanks

  Read the article

• How to route traffic via another machine before the default gateway

  - by Rich

  At the moment I have a router on 192.168.0.1, a Linux box on 192.168.0.2 and desktop clients from 192.168.0.3. Everything works with 192.168.0.1 as the default gateway. I'd like to send the traffic from the desktop clients via the Linux box before it goes out through the router so I can sniff the traffic (some of these are wireless connections). Can I set the default gateway to 192.168.0.2 on the desktop clients and then perhaps add some iptables rules to forward this traffic through 192.168.0.1? Quite happy to change the client desktops to another subnet if that makes it easier. Thanks in advance.

  Read the article

• Using (embedding?) wireshark in a C application for sniffing

  - by happy_emi

  I'm writing a C/C++ application which needs (among other things) to sniff packets and save the output in a file. This file will be read and processed by wireshark after a few days, using a LUA script to do some other stuff. My question is for the sniffing part which must be provided by my application. I can see two ways to do this: 1) Fork the wireshark process in background (of course using the command line version) 2) Using wireshark as library: no forking but include stuff like "wireshark.h" and link against libwireshark.so, thus using function calls to do the sniffing. So far I haven't found any documentation about #2 and it seems that #1 is the "right way" to embed sniffing capabilities in my code. Do you think I'm doing he right thing? Does wireshark allow embedding as a library?

  Read the article

• iOS and Server: OAuth strategy

  - by drekka

  I'm trying to working how to handle authentication when I have iOS clients accessing a Node.js server and want to use services such as Google, Facebook etc to provide basic authentication for my application. My current idea of a typical flow is this: User taps a Facebook/Google button which triggers the OAuth(2) dialogs and authenticates the user on the device. At this point the device has the users access token. This token is saved so that the next time the user uses the app it can be retrieved. The access token is transmitted to my Node.js server which stores it, and tags it as un-verified. The server verifies the token by making a call to Facebook/google for the users email address. If this works the token is flagged as verified and the server knows it has a verified user. If Facebook/google fail to authenticate the token, the server tells iOS client to re-authenticate and present a new token. The iOS client can now access api calls on my Node.js server passing the token each time. As long as the token matches the stored and verified token, the server accepts the call. Obviously the tokens have time limits. I suspect it's possible, but highly unlikely that someone could sniff an access token and attempt to use it within it's lifespan, but other than that I'm hoping this is a reasonably secure method for verification of users on iOS clients without having to roll my own security. Any opinions and advice welcome.

  Read the article

• BCM2046B1 Bluetooth Dongle connection problem

  - by Andfoy

  Well i have a Blueooth dongle with an BCM2046 IC intrregated, my problem is that when i connect it, Ubuntu recognize it, but it don't work whe i try to scan or scan the PC from other device, i replaced the default Gnome Bluetooth manager and i installed Blueman, but the problem presists. The Bluetooth LED indicator appears to be "working". I'm using 11.10 Oneiric Ocelot hcitool dev: Devices: hci0 89:21:XX:XX:XX:XX lsusb: Bus 002 Device 003: ID 0a5c:4500 Broadcom Corp. BCM2046B1 USB 2.0 Hub (part of BCM2046 Bluetooth) Bus 002 Device 004: ID 0a5c:2100 Broadcom Corp. Bluetooth 2.0+eDR dongle hciconfig -a: hci0: Type: BR/EDR Bus: USB BD Address: 89:21:XX:XX:XX:XX ACL MTU: 1017:8 SCO MTU: 64:0 UP RUNNING PSCAN ISCAN RX bytes:1329 acl:0 sco:0 events:40 errors:0 TX bytes:671 acl:0 sco:0 commands:35 errors:0 Features: 0xff 0xff 0x8d 0xfe 0x9b 0xf9 0x00 0x80 Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3 Link policy: RSWITCH HOLD SNIFF PARK Link mode: SLAVE ACCEPT Name: 'ubuntu-0' Class: 0x4a0100 Service Classes: Networking, Capturing, Telephony Device Class: Computer, Uncategorized HCI Version: 2.0 (0x3) Revision: 0x4000 LMP Version: 2.0 (0x3) Subversion: 0x430e Manufacturer: Broadcom Corporation (15) Sorry for my English and thanks for any hints.

  Read the article

• You wouldn&rsquo;t drink 9 year old milk would you?

  - by Jim Duffy

  This is an absolutely brilliant campaign to urge users that its time to move on from IE 6. I like how it puts it terms that everyone can understand and has probably experienced at one time or another. How many times have you opened the milk, took a sniff, and experienced that visceral reaction that accompanies catching a whiff of milk that has turned to the dark side of the force? I call it Darth Vader milk. :-) Of course I’m assuming that you haven’t used IE 6 for a long time now. It is our responsibility as information technology workers to communicate to our friends and family how lame using IE 6 is. Shame them into upgrading if necessary. I don’t care how you get through to them but get through. Tell them that only losers use IE 6. Tell them you’ll cut them out of the your will. Tell them they’re banned from your annual BBQ blowout. Tell them that [insert their favorite celebrity’s name here] thinks people using IE6 are losers.  :-) Seriously, IE6 sucks and blows at the same time and has got to go for a number of reasons including the security leaks that come with using it. Confidentially, I urge them to upgrade for purely selfish reasons. Because I am the first level of computer support for waaaaaay to many of my family members I always advocate they use a current browser (IE 8 or Firefox) and anti-virus software (AVG). Call me selfish but I’d rather not waste my time dealing with a virus or malware that could potentially slip through with IE6. Yes, I’m selfish with my time that way. :-) Have a day. :-|

  Read the article

• Google Rolls Out Secured Search. It’s Slightly Different From Regular Search

  - by Gopinath

  Google rolled out secured version of it’s search engine at https://google.com (did you notice https instead of http?). This search engine lets everyone to use Google search in a secured way. How is it secured? When you use https://google.com, the data exchanged between your browser and Google servers is encrypted to make sure that no one can sniff it. Is my search history secured from Google? No. The search queries you submit to Google are stored in Google servers. There is no change Google’s search history recording. Any differences between Regular Search and Secured Search Results? Yes. Secured search is slightly different from regular search. When you are accessing Google Secured Search Image search options will not be available on the left side bar. Site may respond slow compared to regular search site as there is a overhead to establish between your browser and the server. Join us on Facebook to read all our stories right inside your Facebook news feed.

  Read the article

• Asp.Net MVC does automatic model validation for DateTime but no others

  - by MattSlay

  I'm using MVC 2 with some Models from a LinqToSql project that I built. I see that when I post back to a Controller Action after editing a form that has a DateTime field from the Model, the MVC Html.ValidationMessageFor() helper will nicely display an error beside the Date text box. This seems to happen automatically when the you test ModelState.IsValid() in the Controller Action, as if the MVC model binding automatically knows that the DateTime field cannot be empty. My question is... I have some other string fields in these LinqToSql generated classes that are Not-Nullable (marked as Not Nullable in Sql Server which passes thourgh to the LinqToSql generated classes), so why doesn't Mr. MVC pick up on those as well and display a "Required" message in the ValidationMessageFor() placeholders I have added for those fields? Sure, I have successfully added the MetadataType(typeof) buddy classes to cover these Non-nullable string fields, but it sure does seem redundant to add all this metadata in buddy classes when the LinqToSql generated classes already contain enough info that MVC could sniff out. It MVC validation works with DateTime automatically, why not these Not-nullable fields too?

  Read the article

• ASP.NET remote debugging using Visual Studio 2008

  - by schmoopy

  Im having issues getting this to work, maybe its not even possible? I have a PUBLIC Server http://publicserver.com I want to debug using my laptop from my home (for instance) I run msvsmon.exe on the public server, it starts up fine. On my local machine, i have my code open and in VS, i choose Debug-Attach for Qualifier i enter publicserver.com, but it tells me it cannot find it Questions: 1.) What port does remote debugging use? If i port sniff i dont see msvsmon.exe opening any new port ... Does it use 4015 by default? I dont think its a security thing, so please dont point me to the articles, i have followed them as much as i can, but they dont work for my scenerio (unless you find one i havent seen) Thanks :-)

  Read the article

• Session ID Rotation - does it enhance security?

  - by dound

  (I think) I understand why session IDs should be rotated when the user logs in - this is one important step to prevent session fixation. However, is there any advantage to randomly/periodically rotating session IDs? This seems to only provide a false sense of security in my opinion. Assuming session IDs are not vulnerable to brute-force guessing and you only transmit the session ID in a cookie (not as part of URLs), then an attacker will have to access your cookie (most likely by snooping on your traffic) to get your session ID. Thus if the attacker gets one session ID, they'll probably be able to sniff the rotated session ID too - and thus randomly rotating has not enhanced security.

  Read the article

• Is my form password being passed in clear text?

  - by liinkas

  This is what my browser sent, when logging into some site: POST http://www.some.site/login.php HTTP/1.0 User-Agent: Opera/8.26 (X2000; Linux i686; Z; en) Host: www.some.site Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: en-US,en;q=0.9 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Referer: http://www.some.site/ Proxy-Connection: close Content-Length: 123 Content-Type: application/x-www-form-urlencoded lots_of_stuff=here&e2ad811=my_login_name&e327696=my_password&lots_of_stuff=here Can I state that anyone can sniff my login name and password for that site? Maybe just on my LAN? If so (even only on LAN ) then I'm shocked. I thought using <input type="password"> did something more than make all characters look like ' * ' p.s. If it matters I played with netcat (on linux) and made connection browser <= netcat (loged here) <= proxy <= remote_site

  Read the article

• Packet Crafting on a Mac

  - by JayCrossler

  I think (based on searching the forums), that NetCat is the best option, but wanted to hear if others are preferable. Anyone have good success with a packet-crafting tool (specifically on Mac)? I've tried HPing, but had some issues. I'm looking into NetCat ('nc' on mac) now, but it's not working as I had thought. Basically, I captured some packets that a remote control sends over a wifi network to turn lights on and off (using X10 controllers), and am looking for a way to replay them by crafting a TCP packet from the command line. I used Wireshark to sniff the traffic, so I know the package is: DEVICE -sendplc-"C4 DIM 10" I'm trying: echo 'DEVICE -sendplc-"C4 DIM 10"' nc 192.168.2.196 6003 but there's no response from the receiving system. The exact bytestream is (if anyone wants to check that I got the right dataframe): 08004642f1b400260897ad6308004500004b08e240004006aaf5c0a802c1c0a802c4d8d7177399aab39 e57ff4753801880ae37ea00000101080a323353ce01b406424445564943457e73656e64706c637e2243 34204f4e220a Next step I'm going to check is to make sure the packet arrives exactly by sniffing and compare it to the original. [EDIT: Also at ServerFault now: Packet Crafting on a Mac, so this one becomes a duplicate across the two sites]

  Read the article

• change extension obfuscate XML file contents

  - by FFish

  I have SlideShowPro, a Flash photo app that loads an XML file with the paths to the images. Now I don't want people to go sniff in the XML file to get to the images. I tried changing the file images.xml to spacer.gif and it seems to work fine. But I would like to know if I would run into any problems changing the extension. btw already used a few techniques to make the images not so accessible, I know there is no bulletproof solution. Obfuscating the XML file is just another trick..

  Read the article

• RST packet sent by the server

  - by intoTHEwild

  I am developing a client in Flash and using http req/resp to communicate with the server. For a while the session works fine and then the connection is terminated by the server. I did a wireshark sniff at the server and the last message which it sends is a RST packet. Also it happens only when I'm using IE and the server and client are in different domains. This does not happen in FireFox. I have been struggling to find a sol, till I found this thread. It's a bit old but I hope I could get some help. I am not sure if this bit of info is important but I am connecting to the server via a gateway. Any clue or suggestions for where should I look into to locate the problem ?

  Read the article

• How to force HtmlUnit to save page?

  - by booroondook

  Hello. I'm using HtmlUnit to click on a HtmlElement that triggers Javascript action: currentPage = ((HtmlElement) currentPage.getByXPath("//*[contains(@onclick, 'check();')]").get(0)).click(); The element is: <a href="#" onclick="check(); return false;"> The page returned is quite similar to the page, containing that element: same URL, mostly same HTML, but there are some minor differences in the HTML and HtmlUnit doesn't save the new page. I'm using HttpAnalyzer to sniff the traffic and I see that the Webclient correctly handles JS and send the right request. The response is also correct, but when I dump the contents of the currentPage to a file, I see that the actual page didn't change. How can I fix it?

  Read the article

• Are google chrome extension "content" scripts sandboxed?

  - by jabapyth

  I was under the impression that the content_scripts were executed right on the page, but it now seems as though there's some sandboxing going on. I'm working on an extension to log all XHR traffic of a site (for debugging and other development purposes), and in the console, the following sniff code works: var o = window.XMLHttpRequest.prototype.open; window.XMLHttpRequest.prototype.open = function(){ console.log(arguments, 'open'); return o.apply(this, arguments); }; console.log('myopen'); console.log(window, window.XMLHttpRequest, window.XMLHttpRequest.prototype, o, window.XMLHttpRequest.prototype.open); This logs a message everytime an XHR is sent. When I put this in an extension, however, the real prototype doesn't get modified. Apparently the window.XMLHttpRequest.prototype that my script is seeing differs from that of the actual page. Is there some way around this? Also, is this sandboxing behavior documented anywhere? I looked around, but couldn't find anything.

  Read the article

• Building an http packet in libnet(tcp packet), Please help us as soon as posible. we are stuck!

  - by Hila

  we are building a NAT program,we change each packet that comes from our internal subnet, change it's source IP address by libnet functions.( catch the packet with libpcap, put it sniff structures and build the new packet with libnet) over TCP, the syn/ack packets are good after the change, and when a HTTP-GET request is coming, we can see by wireshark that there is an error on the checksum field.. all the other fields are exactly the same as the original packet. Is anyone knows what can cause this problem? the new checksum in other packets is calculated as it should be.. but in the HTTP packet it doesn't..

  Read the article

• jQuery: How to find elements *without* a class set

  - by Alan

  Hey jQuery clever peeps, Why does this fail... $( 'div.contactAperson input' ).not( 'input.hadFocus' ).focus(function() { $(this).attr('value', '' ); }); ...it's meant to sniff out input's that have not got the class .hadFocus and then when one of that subset receives focus it should zap the value to null. Right now, input values are always getting zapped -- the test .not( 'input.hadFocus' ) is failing to stop execution. Btw, preceding the above code is the following code, which is working fine: $( 'div.contactAperson input' ).focus(function() { $( this ).addClass( 'hadFocus' ); }); Thanks for any cleverness - cheers, -Alan

  Read the article

• SSL: can the secret key be sniffed before the actual encryption begins?

  - by Jorre

  I was looking into SSL and some of the steps that are involved to set up an encrypted connection between a server and a client computer. I understand that a server key and certificate is sent to the browser, and that a secret code is being calculated, like they say in the following video: http://www.youtube.com/watch?v=iQsKdtjwtYI around 5:22, they talk about a master secret code that is being calculated to start talking in an encrypted way. My question now is: before the connection is actually encrypted (the handshake phase), all communication between the server and the client can be sniffed by a packet sniffer. Isn't it then possible to sniff the encryption key or other data that is used to set up a secure connection?

  Read the article

• How do I handle user authorization the safest way?

  - by Irro

  I'm developing a small website where I'm going to allow user to create accounts but I'm quite clueless when it comes to safety around authorizations. I have built my project in PHP with codeigniter and found a library (Tank Auth) that could handle authorization for me. It stores password in a safe way but I'm still worried about the part when the user sends their password to my server. One easy way to do it would be to send the password in a post-request but I would guess that it's quite easy to sniff such a password. Should I do something with the password on the client side before sending it to my server? And is there any good javascript libraries for this?

  Read the article

• checksum error with building an HTTP packet(but over TCP, like syn/ack its ok)

  - by Hila

  I am building a NAT program,I change each packet that comes from our internal subnet, change it's source IP address by libnet functions.( catch the packet with libpcap, put it sniff structures and build the new packet with libnet) I am trying to build an http packet. When I look on wireshark, I see that the new packet that I have built is exectly like the original packet(the only diffrent is that I changed the src port and ip), but there is a checksum error, So the server don't do anything with the packet that I have sent to him, beacuse the cheksum field is wrong. When I send a tcp packet(like syn or ack), the checksum is ok, and the server respons. Is anyone knows what can cause this problem? the new checksum in other packets is calculated as it should be.. but in the HTTP packet it doesn't..

  Read the article

< Previous Page | 1 2 3 4 5  | Next Page >