Questions tagged [packet-sniffer]

Sniffer is another word for packet analyzer

A sniffer, or packet analyzer, is a tool that intercepts data packets from networks (Ethernet, wireless, ...).

A well-known packet sniffer is Wireshark.

97 questions
2
votes
2 answers

What to use to get meaningful network statistics

A customer has a rack with some 1U servers and Dell™ PowerConnect™ 2716 switch at ISP's server room. One port is uplink to the ISP. Some servers run ESX5 while one 1U server is a plain Windows 2008 R2 box with 2 nics. The switch allows me to use web…
Henno
2
votes
1 answer

OpenVPN client "reboot loop", but still working slowly

I have a personal OpenVPN server out on "the tubes". Last week, I was able to connect without incident and with very good performance. This week, when I manage to connect, the client seems to enter a "reboot loop".. the output as follows: Fri Apr 13…
Bill
2
votes
4 answers

Can I read data being sent to/from other computers?

Let's say a sniff program is installed on computer A. And let's say I am looking at a Youtube video on the computer B. Can the sniff program see what computer B is doing? If that's possible, which sniffing program can do that? I use Ubuntu if that…
TheDegree0
2
votes
1 answer

Why HTTP sniffers aren't able to capture PHP generated HTTP traffic?

I can't get why HTTP Analyzer (I prefer this one because it is capable of decoding SSL encoded data transferred through HTTPS) isn't able to capture PHP generated HTTP traffic. It captures HTTP traffic of every application except PHP (httpd.exe…
HongKilDong
2
votes
3 answers

Debugging UPnP / DLNA via Wireshark

Is there any way to parse / interpret the XMLs sent as part of a DLNA / UPnP using Wireshark, or any other network sniffer? I can get the raw packets, but it would be nice to see them parsed, to make debugging easier.
Mikeage
2
votes
1 answer

IP ACL for SPAN port on 3560

My scenario is that I have > 1g of traffic on a switch, but only a 1g monitor port. But the traffic I'm actually interested in is only about 10mbps, the rest can be ignored. I have one 3560 switch, and I want to configure a SPAN port but also…
MichaelGG
2
votes
1 answer

WireShark - wireshark trace traffic from my local browser to a local .net application I have with a HttpListener? (e.g. local to local)

Can wireshark trace traffic from my local browser to a local .net application I have with a HttpListener? (e.g. local to local) I can't seem to detect this traffic at the moment with wireshark. Is there a way to do it? thanks
GregH
2
votes
3 answers

Good (free / open source) tools for analyzing TCP capture files?

I use wireshark and microsoft network monitor extensively, but I'm curious if there are other good (hopefully free / open source) software packages for analyzing TCP/IP traffic? I'm especially interested in forensic uses and analysis of network…
John Weldon
1
vote
1 answer

Can user credentials from HTTP session be seen through Wireshark?

Can we get that info the same way we do for FTP since HTTP is a plain text protocol?
1
vote
0 answers

Can I capture full TCP packet content with haproxy without knowing length of the packet?

I know I can capture 6 bytes length packet using this config: global log /dev/log local0 debug log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin…
Defozo
1
vote
1 answer

Is a two-way communication possible over a mirror port?

I have a network like this: Server -- Router -- PCs I'd like to add a Raspberry to it so that it receives all packets sent from the Server to any PC, analyzes them, and sometimes it also sends some data to some of the PCs. My idea is to build this…
tom
1
vote
0 answers

Netsh trace vs PEF trace cmdlets vs NetEvent cmdlets

I am playing with capturing my network traffic and came across two different MS commandline tools that allow doing this: a well-known netsh tool, recently equipped with powerful capture switch a brand-new PEF Framework that is shipped together with…
1
vote
1 answer

Protecting wired LAN from packet sniffers

How does one encrypt traffic in a wired LAN segment? Can IPv6 in combination with IPSec be configured for IKE/ISAKMP authentication? OR Will I drown in configuring appropriate IKE host-to-host rules for the ISAKMP? OR Should I look towards 802.1X-2010…
P. D
1
vote
1 answer

Is there a quick way to determine what applications are present within a Wireshark capture? If so how

Is there a quick way to determine what applications are present within a Wireshark capture? If so how As most captures contain over 10 thousand lines, I can't expect people would by hand check which ports have been utilised and the applications…
1
vote
0 answers

Microsoft Message Analyzer and Windows Advanced Firewall ipsec tunnel packet sniffing

I am trying to view connections or attempted connections in windows advanced firewall. I have tried using the Windows Firewall Service provider however the trace does not return anything. Any ideas?
Wize