Questions tagged [packet-sniffer]

Sniffer is another word for packet analyzer

A sniffer, or packet analyzer, is a tool that intercepts data packets from networks (Ethernet, wireless, ...).

A well-known packet sniffer is Wireshark.

97 questions
1
vote
0 answers

Corrupted files when downloading with HTTP

With my UMTS connection most archives > 50 MB are corrupted when downloading them via HTTP. If I switch to HTTPS the problem is gone. The problem should not reside in my network, because I have an additional ADSL connection. When I switch to this…
Wotim
  • 121
  • 4
1
vote
5 answers

how to identify IP address on eth0 when console isn’t available

I need help with the following: I have a very old Linux server with one IP address. Unfortunately, I can't access the Linux machine via console and I do not remember the IP address. So I am now thinking about a way that I could verify this IP address. I…
yael
  • 23
  • 3
1
vote
0 answers

why do I lose ping to a machine when using port mirroring / monitoring (sniffing)?

I am using port mirroring / monitoring in my 3COM layer 3 switches to look at network traffic (using Wireshark). Sometimes, I have found that I lose connectivity with the remote monitor machine (the machine receiving the port mirror traffic). …
Scott Szretter
  • 1,882
  • 11
  • 43
  • 66
1
vote
3 answers

Understanding VOIP "sniffer" traces

My customer is doing an Avaya VOIP pilot. I am looking at traces in Wireshark to build my troubleshooting skills. I have found much documentation on VOIP, but little that focuses on protocol analysis and how the various protocols work together. I…
jpolache
  • 155
  • 8
1
vote
4 answers

Sniffing packets of specific binaries / apps / process id?

Is there a way to associate packets with executing binaries? I would be open to traditional sniffing methods or even dtrace for that matter. I have a specific issue on a system with very high traffic. Sniffing "all" packets and filtering them is…
ylluminate
  • 1,155
  • 2
  • 17
  • 35
1
vote
1 answer

PCAP to Syslog utility

I am looking for a tool which sniffs all the traffic on an interface and produces a syslog like a Cisco log in real time. Example: Feb 16 10:19:05 tcp S.S.S.S(6083) -> D.D.D.D(80), 1 packet Feb 16 10:19:07 tcp S.S.S.S(80) -> D.D.D.D(4662), 1 …
Dom
  • 6,743
  • 1
  • 20
  • 24
1
vote
2 answers

Packet sniffing SMTP connection

I have a program on Windows that sends email via a remote SMTP server, and it is failing with an ambiguous "cannot connect" error message with no log or other information as to why it is failing. I have tested the SMTP server and confirmed it is…
jrdioko
  • 567
  • 5
  • 9
  • 18
1
vote
3 answers

Tool to capture outbound http packets in a linux server

I was searching for a tool to capture http packets sent from a linux server to an external server. Normally I use iftop or iptraf with filters to see real time information and tcpdump to get verbose information. But what I need right now is some…
hdanniel
  • 4,293
  • 23
  • 25
1
vote
1 answer

Finding source of RST packet on ASA 5505

I've run Wireshark on our app server and noticed a reset packet is commonly being received when sending data to a remote telnet server when the connection has been idle for an hour or so. I've read that our local firewall (ASA5505) may be sending…
James
  • 325
  • 2
  • 11
  • 22
1
vote
2 answers

Passing credentials over non-secure, non public domain

Exactly how un-secure is this scenario, please note that I can't use SSL due to restrictions in the website application (yeah go figure!): We have a domain that is only known to the users who need to know. The user will be inputting user name +…
Mantorok
  • 143
  • 4
1
vote
3 answers

Packet sniffing a webserver

I have a homework in which I should explain how I would break into a server, retrieve a file and cover my tracks. My main question: is it possible to packet sniff a remote web server? Other information would be appreciated on covering tracks. Edit.…
Shawn Mclean
  • 139
  • 1
  • 8
1
vote
0 answers

What is the key file for ssldump?

I searched Google for a tool to decode HTTPS traffic and got ssldump, with examples like: ssldump -k xxx.pem -i eth0 -d host example.com. I wonder what the key file xxx.pem is. On the server hosting example.com, the file is what is specified by…
peter
  • 93
  • 13
1
vote
0 answers

Ifconfig result on the server running PF_RING with zerocopy

I have an application which uses PF_Ring zero copy as a part of its packet sniffing capability. When this application is running would it be possible to find out the amount of RX/TX traffic using ifconfig or is it correct to say that ifconfig does…
1
vote
2 answers

How to decrypt TLS traffic with Wireshark using RSA asynchronous encryption?

I want to be able to capture and decrypt TLS traffic that one of my internal applications (that I don't have access to) makes to the internet. (For testing I am using Postman to create a request to a secure server.) What I did was to add an Nginx as a…
mavi
  • 121
  • 1
  • 1
  • 7
0
votes
1 answer

Can GCP do port mirroring at the subnet level?

Can I define a custom network in Google Cloud Platform in such a way so that I can get the equivalent behavior of Port Mirroring in my VPC as one would configure on a hardware switch? The goal is to sniff all traffic in the VPC for the purpose of…