Search Results

Search found 1705 results on 69 pages for 'syn packet'.

Page 9/69 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Capturing wireless traffic (using Wireshark).

    - by Daisetsu
    When I run wireshark on a wired network it works fine and reports all of the packets. When I run it on a wireless network though I only see my own traffic. The wireless card I have is supposed to support packet capture and go into premiscous mode, but I don't see any other system traffic. What is wrong?

    Read the article

  • Video packet capture over multiple IP cameras

    - by nimals1986
    Hello We are working on a C language application which is simple RTSP/RTP client to record video from Axis a number of Cameras . We launch a pthread for each of the camera which establishes the RTP session and begins to record the packets captured suing the recvfrom() call... A single camera single pthread records fine for well over a day without issues.. but testing with more cameras available,about 25(so 25 pthreads), the recording to file goes fine for like 15 to 20 mins and then the recording just stops ..the application still keeps running .. Its been over a month and a half we have been trying with varied implementations but nothing seems to help .. Please provide suggestions.. We are using CentOS 5 platform

    Read the article

  • Convert from port numbers to protocol names in wireshark

    - by Berkay
    i'm simply using tshark -r botnet.pcap -T fields -E separator=';' -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport '(tcp.flags.syn == 1 and tcp.flags.ack == 0)' to see the all initiated "legal TCP" connections. However, i need the destination port number conversion to "http" "netbios" etc. i'm not using -n option, but still i get: 128.3.45.128;62259;208.233.189.150;80 This is what i'm trying to get: 128.3.45.128;62259;208.233.189.150;http or 128.3.45.128;62259;208.233.189.150;80;http is better option for me. any idea from tshark users? or any other tool suggestions?

    Read the article

  • How does ospf control flooding?

    - by iamrohitbanga
    What method is used by ospf protocol to prevent looping of flooded packets for link state advertisements? The packet header does not contain any timestamp. How do the routers recognize that it is the same advertisement that they sent before?

    Read the article

  • Convert from port numbers to protocol names ?

    - by Berkay
    i'm simply using tshark -r botnet.pcap -T fields -E separator=';' -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport '(tcp.flags.syn == 1 and tcp.flags.ack == 0)' to see the all initiated "legal TCP" connections. However, i need the destination port number conversion to "http" "netbios" etc. i'm not using -n option, but still i get: 128.3.45.128;62259;208.233.189.150;80 This is what i'm trying to get: 128.3.45.128;62259;208.233.189.150;http or 128.3.45.128;62259;208.233.189.150;80;http is better option for me. any idea from tshark users? or any other tool suggestions?

    Read the article

  • Debugger for Iptables

    - by chris_l
    Hi, I'm looking for an easy way to follow a packet through the iptables rules. This is not so much about logging, because I don't want to log all traffic (and I only want to have LOG targets for very few rules). Something like Wireshark for Iptables. Or maybe even something similar to a debugger for a programming language. Thanks Chris

    Read the article

  • Capturing wirelss traffic (using Wireshark).

    - by Daisetsu
    When I run wireshark on a wired network it works fine and reports all of the packets. When I run it on a wireless network though I only see my own traffic. The wireless card I have is supposed to support packet capture and go into premiscous mode, but I don't see any other system traffic. What is wrong?

    Read the article

  • How should I handle incomplete packet buffers?

    - by Benjamin Manns
    I am writing a client for a server that typically sends data as strings in 500 or less bytes. However, the data will occasionally exceed that, and a single set of data could contain 200,000 bytes, for all the client knows (on initialization or significant events). However, I would like to not have to have each client running with a 50 MB socket buffer (if it's even possible). Each set of data is delimited by a null \0 character. What kind of structure should I look at for storing partially sent data sets? For example, the server may send ABCDEFGHIJKLMNOPQRSTUV\0WXYZ\0123!\0. I would want to process ABCDEFGHIJKLMNOPQRSTUV, WXYZ, and 123! independently. Also, the server could send ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890LOL123HAHATHISISREALLYLONG without the terminating character. I would want that data set stored somewhere for later appending and processing. Also, I'm using asynchronous socket methods (BeginSend, EndSend, BeginReceive, EndReceive) if that matters.

    Read the article

  • Discovering maximum packet size

    - by ereOn
    I'm working on a network-related project and I am using DTLS (TLS/UDP) to secure communications. Reading the specifications for DTLS, I've noted that DTLS requires the DF flag (Don't Fragment) to be set. On my local network if I try to send a message bigger than 1500 bytes, nothing is sent. That makes perfect sense. On Windows the sendto() reports a success but nothing is sent. I obviously cannot unset the DF flag manually since it is mandatory for DTLS and i'm not sure whether the 1500 bytes limit (MTU ?) could change in some situations. I guess it can. So, my question is : "Is there a way to discover this limit ?" If not, what would be the lowest possible value ? My software runs under UNIX (Linux/MAC OSX) and Windows OSes so different solutions for each OS are welcome ;) Many thanks.

    Read the article

  • Why do some machines respond with many RST packets instead of RST-ACK to refuse a connection?

    - by Michael J. Gray
    I have recently been trying to track down a problem with one of our systems and have noticed that it is simply not allowed to connect to a remote machine. However, the remote machine (not controlled by us) is responding to our request for a connection with many TCP RST packets on a different port (26469, 26497, 26498) than the one we originated on (53). It simply wouldn't let up at one point and flooded us with about 10 packets/second for an hour or two of only RST on those obscure high ports. Out of the thousands of nodes we're connecting to, this is the only one ever to show this behavior. What could possibly cause this? EDIT Below is a screenshot of Wireshark when it happened. I don't have the actual dump anymore and can't reproduce this specific scenario every time. Basically, we sent a SYN and immediately got RST on an odd port and so we respond with RST and just keep going back and forth.

    Read the article

  • Jumbo Packet in 1 Gigabit Ethernet- help

    - by user322374
    Hi, I would like to know about Jumbo Packets using UDP in 1 Giga etherent. What are the delays in such system? i think of using jumbo packets in my system because i need to transfer a lot of data between 2 computers. i tried to find information about the delays and what are the disadvantages using jumbo packets in 1 gigabit- i didn't find a lot. (I find many advantages but i would like to know also the disadvantages) Thank you very much for the help,

    Read the article

  • send and recive packet in the Lan with multiple mac Addresses in C#

    - by MGH
    Hi , in our Network bandwith assign to mac address and if you can get more than one , you can get more bandwith :) if there any application or class in C# that can do this .... I'm already have the http proxy or port maper to send packets in different ip addresses but because of they are use same mac address it won't work . Any help is appreciated .

    Read the article

  • obtaining nimbuzz server certificate for nmdecrypt expert in NetMon

    - by lurscher
    I'm using Network Monitor 3.4 with the nmdecrypt expert. I'm opening a nimbuzz conversation node in the conversation window and i click Expert- nmDecrpt - run Expert that shows up a window where i have to add the server certificate. I am not sure how to retrieve the server certificate for nimbuzz XMPP chat service. Any idea how to do this? this question is a follow up question of this one. Edit for some background so it might be that this is encrypted with the server pubkey and i cannot retrieve the message, unless i debug the native binary and try to intercept the encryption code. I have a test client (using agsXMPP) that is able to connect with nimbuzz with no problems. the only thing that is not working is adding invisible mode. It seems this is some packet sent from the official client during login which i want to obtain. any suggestions to try to grab this info would be greatly appreciated. Maybe i should get myself (and learn) IDA pro? This is what i get inspecting the TLS frames on Network Monitor: Frame: Number = 81, Captured Frame Length = 769, MediaType = ETHERNET + Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[...],SourceAddress:[....] + Ipv4: Src = ..., Dest = 192.168.2.101, Next Protocol = TCP, Packet ID = 9939, Total IP Length = 755 - Tcp: Flags=...AP..., SrcPort=5222, DstPort=3578, PayloadLen=715, Seq=4101074854 - 4101075569, Ack=1127356300, Win=4050 (scale factor 0x0) = 4050 SrcPort: 5222 DstPort: 3578 SequenceNumber: 4101074854 (0xF4716FA6) AcknowledgementNumber: 1127356300 (0x4332178C) + DataOffset: 80 (0x50) + Flags: ...AP... Window: 4050 (scale factor 0x0) = 4050 Checksum: 0x8841, Good UrgentPointer: 0 (0x0) TCPPayload: SourcePort = 5222, DestinationPort = 3578 TLSSSLData: Transport Layer Security (TLS) Payload Data - TLS: TLS Rec Layer-1 HandShake: Server Hello.; TLS Rec Layer-2 HandShake: Certificate.; TLS Rec Layer-3 HandShake: Server Hello Done. - TlsRecordLayer: TLS Rec Layer-1 HandShake: ContentType: HandShake: - Version: TLS 1.0 Major: 3 (0x3) Minor: 1 (0x1) Length: 42 (0x2A) - SSLHandshake: SSL HandShake ServerHello(0x02) HandShakeType: ServerHello(0x02) Length: 38 (0x26) - ServerHello: 0x1 + Version: TLS 1.0 + RandomBytes: SessionIDLength: 0 (0x0) TLSCipherSuite: TLS_RSA_WITH_AES_256_CBC_SHA { 0x00, 0x35 } CompressionMethod: 0 (0x0) - TlsRecordLayer: TLS Rec Layer-2 HandShake: ContentType: HandShake: - Version: TLS 1.0 Major: 3 (0x3) Minor: 1 (0x1) Length: 654 (0x28E) - SSLHandshake: SSL HandShake Certificate(0x0B) HandShakeType: Certificate(0x0B) Length: 650 (0x28A) - Cert: 0x1 CertLength: 647 (0x287) - Certificates: CertificateLength: 644 (0x284) - X509Cert: Issuer: nimbuzz.com,Nimbuzz,NL, Subject: nimbuzz.com,Nimbuzz,NL + SequenceHeader: - TbsCertificate: Issuer: nimbuzz.com,Nimbuzz,NL, Subject: nimbuzz.com,Nimbuzz,NL + SequenceHeader: + Tag0: + Version: (2) + SerialNumber: -1018418383 + Signature: Sha1WithRSAEncryption (1.2.840.113549.1.1.5) - Issuer: nimbuzz.com,Nimbuzz,NL - RdnSequence: nimbuzz.com,Nimbuzz,NL + SequenceOfHeader: 0x1 + Name: NL + Name: Nimbuzz + Name: nimbuzz.com + Validity: From: 02/22/10 20:22:32 UTC To: 02/20/20 20:22:32 UTC + Subject: nimbuzz.com,Nimbuzz,NL - SubjectPublicKeyInfo: RsaEncryption (1.2.840.113549.1.1.1) + SequenceHeader: + Algorithm: RsaEncryption (1.2.840.113549.1.1.1) - SubjectPublicKey: - AsnBitStringHeader: - AsnId: BitString type (Universal 3) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00011) 3 - AsnLen: Length = 141, LengthOfLength = 1 LengthType: LengthOfLength = 1 Length: 141 bytes BitString: + Tag3: + Extensions: - SignatureAlgorithm: Sha1WithRSAEncryption (1.2.840.113549.1.1.5) - SequenceHeader: - AsnId: Sequence and SequenceOf types (Universal 16) + LowTag: - AsnLen: Length = 13, LengthOfLength = 0 Length: 13 bytes, LengthOfLength = 0 + Algorithm: Sha1WithRSAEncryption (1.2.840.113549.1.1.5) - Parameters: Null Value - Sha1WithRSAEncryption: Null Value + AsnNullHeader: - Signature: - AsnBitStringHeader: - AsnId: BitString type (Universal 3) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00011) 3 - AsnLen: Length = 129, LengthOfLength = 1 LengthType: LengthOfLength = 1 Length: 129 bytes BitString: + TlsRecordLayer: TLS Rec Layer-3 HandShake:

    Read the article

  • How to get an array to work with oops concepts in Perl

    - by superstar
    Hello guys, I need some help regarding the arrays in Perl This is the constructor i have. sub new { my $class = shift; my @includeobjects = (); my @excludeobjects = (); my $Packet = { _PacketName => shift, _Platform => shift, _Version => shift, @_IncludePath => @includeobjects, }; bless $Packet, $class; return $Packet; } sub SetPacketName { my ( $Packet, $PacketName ) = @_; $Packet->{_PacketName} = $PacketName if defined($PacketName); return $Packet->{_PacketName}; } sub SetIncludePath { my ( $Packet, @IncludePath ) = @_; $Packet->{@_IncludePath} = @IncludePath; return $Packet->{@_IncludePath}; } sub GetPacketName { my( $Packet ) = @_; return $Packet->{_PacketName}; } sub GetIncludePath { my( $Packet ) = @_; return $Packet->{@_IncludePath}; } The get and set methods work fine for PacketName. But since IncludePath is an array, I could not get it work. The declaration is what i am not able to get right Any suggestions please...

    Read the article

  • What are the attack vectors for passwords sent over http?

    - by KevinM
    I am trying to convince a customer to pay for SSL for a web site that requires login. I want to make sure I correctly understand the major scenarios in which someone can see the passwords that are being sent. My understanding is that at any of the hops along the way can use a packet analyzer to view what is being sent. This seems to require that any hacker (or their malware/botnet) be on the same subnet as any of the hops the packet takes to arrive at its destination. Is that right? Assuming some flavor of this subnet requirement holds true, do I need to worry about all the hops or just the first one? The first one I can obviously worry about if they're on a public Wifi network since anyone could be listening in. Should I be worried about what's going on in subnets that packets will travel across outside this? I don't know a ton about network traffic, but I would assume it's flowing through data centers of major carriers and there's not a lot of juicy attack vectors there, but please correct me if I am wrong. Are there other vectors to be worried about outside of someone listening with a packet analyzer? I am a networking and security noob, so please feel free to set me straight if I am using the wrong terminology in any of this.

    Read the article

  • How do I use an array as an object attribute in Perl?

    - by superstar
    Hello guys, I need some help regarding the arrays in Perl This is the constructor i have. sub new { my $class = shift; my @includeobjects = (); my @excludeobjects = (); my $Packet = { _PacketName => shift, _Platform => shift, _Version => shift, @_IncludePath => @includeobjects, }; bless $Packet, $class; return $Packet; } sub SetPacketName { my ( $Packet, $PacketName ) = @_; $Packet->{_PacketName} = $PacketName if defined($PacketName); return $Packet->{_PacketName}; } sub SetIncludePath { my ( $Packet, @IncludePath ) = @_; $Packet->{@_IncludePath} = @IncludePath; return $Packet->{@_IncludePath}; } sub GetPacketName { my( $Packet ) = @_; return $Packet->{_PacketName}; } sub GetIncludePath { my( $Packet ) = @_; return $Packet->{@_IncludePath}; } The get and set methods work fine for PacketName. But since IncludePath is an array, I could not get it work. The declaration is what I am not able to get right.

    Read the article

  • Track IP Messenger's chatting by wireshark

    - by Kumar P
    We have Linux server ( RHEL 5 ), and some client machines ( Windows XP ) in local area network. We using server as proxy server. I am using squid proxy. My windows machines using internet by proxy. Now my client machines using IP messenger for chatting and sharing files with in local network. How can i trace what they are doing or chatting by ip messenger, from my server by wireshark packet sniffer ? If i can't do it by wireshark , What will you give idea about it...

    Read the article

  • redirect all youtube video requests to a specific one

    - by iTayb
    I'm on an IT team in my company and I would like to block youtube to users. I don't want to just deny access to the whole youtube domain, but only to replace the .flv/.mp4 request with the one that I want. That way, if someone tries to watch youtube videos on the network, He'll get a video of why using our expensive bandwidth for pleasure is a no-no. I thought about using a packet manipulation program and just replace the video ID with something that I want, but I didn't manage to do it right.

    Read the article

  • Get active network interface on Windows

    - by Kevin Walzer
    I'm developing an application that provides a UI to windump, the packet sniffer. Windump has a "-D" parameter that lists all network interfaces it can find, and then you can specify which interface to listen on. However, I'd like to avoid forcing the user to manually configure which interface to listen on. On Unix, I can obtain the right network interface (en0, en1, etc.) via a call to ifconfig and some parsing of the output, but I cannot locate any equivalent Windows API or command that can yield similar information--ipconfig doesn't seem to obtain this data. Can anyone suggest either a Windows command-line tool or an API that can be called via VBScript to obtain this data so that I don't have to present the user with a dialog in my GUI telling them to select the right interface?

    Read the article

  • Altq limits not being applied to UDP transfers

    - by overkordbaever
    I have a OpenBSD server acting as a router/firewall with yhr packet filter ruleset shown below, a linux server, and a linux client. When transferring files (using netcat) by TCP, the limits are applied (for example the 100mbit limit in the example), though when transferring data by UDP, the limits aren't applied; the file always takes the same amount of time no matter the queue bandwidth limit I set (I can even turn off the queues completely, and will still get the same result). Why aren't the queuing rules applied to UDP packages? The rules used: #queue rules altq on { $int_if, $ext_if } cbq bandwidth 100Mb queue { def, low } queue def bandwidth 0Mb cbq(default) queue low bandwidth 100Mb cbq #Passrules test pass out quick from $int_if to $ext_if queue low pass in quick from $ext_if to $int_if queue low pass out quick from $ext_if to $int_if queue low pass in quick from $int_if to $ext_if queue low I suppose this may be related a question I've previously asked, though since it's more of a separate question, I suppose a separate question should be used for this

    Read the article

  • Why are some UDP packets getting blocked?

    - by Tom
    In our organization, we have two test machines running Windows XP. While attempting to test a roll-my-own UDP message server, I found that both could receive small messages (under 2k) just fine. However, when I test sending large packets to both of these machines, one receives them fine, while the other can't receive them at all. Both machines have SP3 and both have their Windows Firewall shut off, but one still isn't working. Can anyone tell me where to look for anything that might be blocking or limiting the packet size on a Windows Machine? Thanks.

    Read the article

  • Hardware for Capturing Packets

    - by Kevin
    One of my clients is a small school district in Texas. Like any school, they often have problems with network'd peripherals such as printers, et al. It would be nice to be able to simply "listen" to what the printer and PC are saying to each other (or not saying more importantly)... The problem is that I can't find old-style "hubs" anymore, and even if I could, it's not a long-term solution. All of the devices that I have found to replicate the purpose of a simple hub are either $100+ or are difficult to throw into a networking tool kit (aka my backpack)... Now that hubs are dead, what's the new low-cost standard for simple packet capture in the networking world?

    Read the article

  • How to detect an iPhone connecting a network?

    - by JayCrossler
    I've noticed through watching Wireshark that when an iPhone connects to a wifi network, it sends out a few IGMP/MDNS packets to 224.0.0.251 (LAN broadcast, I think). Is there any easy way to watch for these packets and then either run a script or send an event? Or, is the best way to just run a packet sniffer? Any simple ones that can send events or execute curl commands when a filter is triggered? When I run nc -u -l 5353 I get: My-Name-iPhonelocal??? x???)?? ??cc^C Can I do something like: nc -u -l 5353 | grep iPhonelocal | execute command...

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >