Search Results

Search found 1687 results on 68 pages for 'packet sniffing'.

Page 7/68 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • Understanding packet flows over RVI

    - by choco-loo
    I'm trying to get a full grasp of firewall filters and how to apply them on a Juniper EX4200 switch - to be able to block ports, police traffic and shape traffic. The network architecture is as follows internet >-< vlan4000 >-< vlan43 vlan4000 is a public "routed" block (where all the IPs are routed to and the internet gw is) vlan43 is a vlan with public IPs with devices (servers) attached There are static routes and RVI's on the EX4200 to send all traffic via vlan4000's gateway to reach the internet. I've set up filters on both input and output of the respective RVI's and VLAN's - with simple counters, to measure traffic flow from a server inside of vlan43 and a server on the internet. Using a combination of iperf for UDP and TCP tests and fping for ICMP tests - I observed the following, icmp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 100 100 unit43-counter-out 0 0 vlan4000-counter-in 6 4 vlan4000-counter-out 107 104 vlan43-counter-in 101 100 vlan43-counter-out 100 100 tcp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 73535 38480 unit43-counter-out 0 0 vlan4000-counter-in 7 8 vlan4000-counter-out 73543 38489 vlan43-counter-in 73535 38481 vlan43-counter-out 38938 75880 udp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 81410 1 unit43-counter-out 0 0 vlan4000-counter-in 18 7 vlan4000-counter-out 81429 8 vlan43-counter-in 81411 1 vlan43-counter-out 1 85472 My key goals are to set up a few filters and policers, as there will be many more VLANs - that all need protecting from each other and the internet. Then globally limit/police all outbound traffic to the internet Block inbound ports to vlan43 (eg. 22) Limit outbound traffic from vlan43 (to the internet) Limit outbound traffic from vlan43 (to other vlans) Limit outbound traffic from vlan4000 (to the internet from all vlans) Route traffic from vlans via specific routing instances (FBF) The question What I want to understand is why there isn't ever any activity on unit4000 or vlan4000 inbound or outbound counter - is this because there isn't a device on this VLAN - and that the traffic is only traversing it? And with regards to the TCP test - why is there twice as many packets on unit43-counter-in, vlan4000-counter-out and vlan43-counter-in - is this counting both the inbound and outbound traffic?

    Read the article

  • Torrent, ISA Server 2006 and packet dropped due to TCP_NOT_SYNC

    - by Pascal
    Hi, I'm trying to get uTorrent 2.0.4 to work in a DMZ machine, protected by a ISA Server 2006. I've opened 1 inbound port (via publishing) and opened all the higher ports for that specific machine that runs uTorrent on my DMZ, and it's working almost fine. The problem is that I keep getting packets dropped with 0xc0040017 FWX_E_TCP_NOT_SYN_PACKET_DROPPED. Is there any way to disable this via registry? Is there any way around this? The download speed fluctuates a lot, and when I starts hitting the upper limit that I've defined in uTorrent, the errors start poping up a lot, and the download speed goes way down, and the process repeats on and on Tks Edit My outbound rules are: Port Range: TCP 10000-65535 Outbound Port Range: UDP 10000-65535 Send Edit It's probably a bug handling requests from Windows 7. When I installed the uTorrent on a XP machine, the problem went away

    Read the article

  • What does this UDP Packet mean ?

    - by asksuperuser
    I'm total newbie at tcp/ip and I was experimenting with Wireshark. What this mean: 1824 578.194204 xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy UDP Source port: 17500 Destination port: 17500 In data I can see that my user pc name is sent (happily it's a generic name): does this mean someone is trying to hack my pc ?

    Read the article

  • How does Router know where to forward packet

    - by kornelijepetak
    If several computers with local addresses (192.168.0.#) are connected to a router and each computer opens a web browser and requests a page over HTTP, when these TCP:80 packets are sent out, the router switches the local address with the static IP of the router (i.e. Provider given IP) so the server can reply to the appropriate address. But how does the router know to which computer to forward the HTTP reply, since the TCP header does not contain the local IP address (does it?), and all computers are using port 80? Does this have anything to do with the MAC addresses? How exactly does this work?

    Read the article

  • What does this TCP Packet mean ?

    - by asksuperuser
    I'm total newbie at tcp/ip and I was experimenting with Wireshark. What this mean: 1824 578.194204 xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy UDP Source port: 17500 Destination port: 17500 In data I can see that my user pc name is sent (happily it's a generic name): does this mean someone is trying to hack my pc ?

    Read the article

  • [SOLVED] vmware problems - networking - no packet response

    - by jack
    XP is my host. Ubuntu is my Guest in VMware. When I do the following commands, I should get SMTP respones but now get no response. I use wireshark to analayze it. Also in wireshark shows nothing. root@vmware:~# netcat 192.168.1.2 25 220 762462a8c4d Microsoft ESMTP MAIL Service, Version: 6.0.2600.5949 ready at Fri, 12 May 2010 18:04:20 +0800 EHLO SAYHELLO VRFY TEST@LOCALHOST test \ sdfsafsd How can I fix it? UPDATE: I came to know that this is no VMWare problem. This is Netcat problem. For this, you might have to type Ctrl+M {ENTER} {ENTER}

    Read the article

  • hung up troubleshooting packet discards

    - by Chris Satola
    I realize my question is generic, but hopefully someone may have some guidance for me. My network consists of Cisco switches. I am seeing a significant amount (upwards of millions of packets per day) transmit drops between two switches. One being a 3750 and the other a 3560. The peak throughput of this link is only upper 400Mbps, so it shouldn't be a bandwidth issue. At this point, I am sort of clueless where to look or what tools I can use to determine what packets are dropping and why. I can setup a SPAN port on that link and wireshark it, but I don't know if that could tell me anything. Does anyone have any suggestions? Thanks in advance.

    Read the article

  • Using IP Tables to deny packet patterns?

    - by Chris
    I'm not experienced with IP tables but it's something I'll be looking into if this is plausible. I'm looking to set up a system to inspect packets and look for a pattern similar to korek's chop chop attack. Is there a way to set up the IP tables to defend against this attack? Thanks

    Read the article

  • vmware problems - networking - no packet response

    - by jack
    XP is my host. Ubuntu is my Guest in VMware. When I do the following commands, I should get SMTP respones but now get no response. I use wireshark to analayze it. Also in wireshark shows nothing. root@vmware:~# netcat 192.168.1.2 25 220 762462a8c4d Microsoft ESMTP MAIL Service, Version: 6.0.2600.5949 ready at Fri, 12 May 2010 18:04:20 +0800 EHLO SAYHELLO VRFY TEST@LOCALHOST test \ sdfsafsd How can I fix it?

    Read the article

  • Count all received packet using Tshark

    - by user1269592
    i am build application who start capturing via Tshark with command line and i am looking for option to count all the received packets after i am start Tshark process this is my function who start the process: int _interfaceNumber; string _pcapPath; Process tshark = new Process(); tshark.StartInfo.FileName = _tshark; tshark.StartInfo.Arguments = string.Format(" -i " + _interfaceNumber + " -V -x -s " + _packetLimitSize + " -w " + _pcapPath); tshark.StartInfo.RedirectStandardOutput = true; tshark.StartInfo.UseShellExecute = false; tshark.StartInfo.CreateNoWindow = true; tshark.StartInfo.WindowStyle = ProcessWindowStyle.Hidden; tshark.Start(); maybe someone had an idea ?

    Read the article

  • Using (embedding?) wireshark in a C application for sniffing

    - by happy_emi
    I'm writing a C/C++ application which needs (among other things) to sniff packets and save the output in a file. This file will be read and processed by wireshark after a few days, using a LUA script to do some other stuff. My question is for the sniffing part which must be provided by my application. I can see two ways to do this: 1) Fork the wireshark process in background (of course using the command line version) 2) Using wireshark as library: no forking but include stuff like "wireshark.h" and link against libwireshark.so, thus using function calls to do the sniffing. So far I haven't found any documentation about #2 and it seems that #1 is the "right way" to embed sniffing capabilities in my code. Do you think I'm doing he right thing? Does wireshark allow embedding as a library?

    Read the article

  • Building an http packet in libnet(tcp packet), Please help us as soon as posible. we are stuck!

    - by Hila
    we are building a NAT program,we change each packet that comes from our internal subnet, change it's source IP address by libnet functions.( catch the packet with libpcap, put it sniff structures and build the new packet with libnet) over TCP, the syn/ack packets are good after the change, and when a HTTP-GET request is coming, we can see by wireshark that there is an error on the checksum field.. all the other fields are exactly the same as the original packet. Is anyone knows what can cause this problem? the new checksum in other packets is calculated as it should be.. but in the HTTP packet it doesn't..

    Read the article

  • What is the difference between "ORA-12571: TNS packet writer failure" and "ORA-03135: connection los

    - by Philippe
    I am working in an environment where we get production issues from time to time related to Oracle connections. We use ODP.NET from ASP.NET applications, and we suspect the firewall closes connections that have been in the connection pool too long. Sometimes we get an "ORA-12571: TNS packet writer failure" error, and sometimes we get "ORA-03135: connection lost contact." I was wondering if someone has run into this and/or has an understanding of the difference between the 2 errors.

    Read the article

  • Which Packet Capture Format is better?

    - by Lopper
    I am writing an application to save the captured IP packets to file. Which of the following packet capture format is better suited for use as the file format? Click on the link for more information on each. Snoop (rfc1761) PCAP In addition, is there a C# library for any of the above format?

    Read the article

  • ifconfig packet count

    - by kumar
    Hi, if I type ifconfig i get packet for Tx and RX ... where exactly the piece of code to increment this counter? Is it in the network driver itself? or in the kernel ? If possible please provide lxr link of the counter variable used. Thx !

    Read the article

  • decompiling a DNS packet

    - by rgksugan
    I am trying to catch DNS packets which are sent from my system using Jpcap API. I have got an dns packet. I want to retrieve the ip address for which the DNS lookup is made. How can i get that?

    Read the article

  • determining HTTP packets

    - by Eyla
    Greeting, how is possible to determine from captured packets using sharppcap if the packet is http packet or not? and can we determine frpm TCP packets if the packet is HTTP or not?

    Read the article

  • Using Boost.Asio to get "the whole packet"

    - by wowus
    I have a TCP client connecting to my server which is sending raw data packets. How, using Boost.Asio, can I get the "whole" packet every time (asynchronously, of course)? Assume these packets can be any size up to the full size of my memory. Basically, I want to avoid creating a statically sized buffer.

    Read the article

  • Emulator TCP Packet Size

    - by jpspringall
    Has anyone tried to do a tcp client server app using the emulator using the pc as a server and the phone as the client? I've got a bit of an issue where its only sending one packet, ie 1491 bytes of data regardless of how much there actually is to send, from the client(Phone) to the server(PC) Thanks James

    Read the article

  • Boost ASIO async_write "Vector iterator not dereferencable"

    - by xeross
    Hey, I've been working on an async boost server program, and so far I've got it to connect. However I'm now getting a "Vector iterator not dereferencable" error. I suspect the vector gets destroyed or dereferenced before he packet gets sent thus causing the error. void start() { Packet packet; packet.setOpcode(SMSG_PING); send(packet); } void send(Packet packet) { cout << "DEBUG> Transferring packet with opcode " << packet.GetOpcode() << endl; async_write(m_socket, buffer(packet.write()), boost::bind(&Session::writeHandler, shared_from_this(), placeholders::error, placeholders::bytes_transferred)); } void writeHandler(const boost::system::error_code& errorCode, size_t bytesTransferred) { cout << "DEBUG> Transfered " << bytesTransferred << " bytes to " << m_socket.remote_endpoint().address().to_string() << endl; } Start gets called once a connection is made. packet.write() returns a uint8_t vector Would it matter if I'd change void send(Packet packet) to void send(Packet& packet) Not in relation to this problem but performance wise.

    Read the article

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >