Questions tagged [wireshark]

Wireshark is an open source Network Protocol Analyzer under GNU License.

507 questions
0 votes, 0 answers

Getting duplicated packets when replaying pcap files

The issue at hand is I have pcap files that I want to replay over a network. I used to use playcap to do this with no issue, however recently I noticed that playcap is sending each packet from the original file twice. I then downloaded bittwist and…
pandarby
0 votes, 0 answers

Trace Packets in Kubernetes

I am trying to trace packets using sniffer using (https://github.com/eldadru/ksniff) but I am unable to make out how to trace packets and check if cluster IP is in use for Nodeport SVC. I have the following scenario: app1_sts.yaml === apiVersion:…
0 votes, 0 answers

REST requests to an API falls in timeout randomly

I developed a web app that communicates with an external API in REST. Most of the time I have no problem, but a few times (1 or 2 times a day) I have my request which is timed out although the message I send is correct. By analyzing with Wireshark,…
0 votes, 0 answers

Checking for port exhaustion using WireShark

We have been having some rare port exhaustion issues on our computers. We deployed a little netstat monitoring app that tracks the amount of TIME_WAIT statuses per application and notifies us if there are more than usual. One suggestion was that our…
0 votes, 0 answers

Save all unique TCP/IP conversations

I have a tcpdump containing numerous HTTP sessions. I want to save each unique conversation i.e. SYN-to-FIN, in its own file using Wireshark (or any other tool if something else is better suited) without having to manually select/follow/save each…
Waslap
0 votes, 0 answers

Connection drop

Trying to solve this problem here but not 100% sure what's the issue. 4 Fetal monitors and a PC in a clinic are connected to a switch. Those communicate with the PC. 1 to 4 times a day there is a connection drop between PC and all 4 monitors. Drop…
kasper
0 votes, 1 answer

How to detect packets on mirrored port using Promiscuous mode on a VM running on Proxmox

I have a Proxmox server with four network ports eno1, eno2, eno3, eno4. The eno4 is used for management console and internet access using vmbr0 linux bridge. I have created a vmbr1 bridge for the port mirrored destination port eno1. But I am not…
0 votes, 1 answer

TCP packets being lost

I have some TCP packets being lost. I have monitored the interface with tcpdump pcap file - https://www.dropbox.com/s/7m3hr1b7065tenx/tcp.pcap?dl=0 I noticed that when I lose packets I only get 5 frames whereas I usually see 9. Example lost…
0 votes, 0 answers

How can I inspect everything that happens before a TCP handshake

On my local machine when I connect to a remote linux machine with netcat I can only see 3 related packets(the tcp handshake) in Wireshark. I'm pretty sure there's more that happens before that(router --> ISP --> remote network) but I can't figure…
0 votes, 0 answers

What does it mean if I don't receive a SMB Negotiate Protocol Response from server?

What does it mean to not get an SMB Negotiate Protocol Response from server? Unable to mount fileshare drive (a third-party fileshare outside Azure). The architecture is similar to this one:…
0 votes, 0 answers

Traffic capture at boot

I'm trying to figure out what packets a linux host sends at boot in order to debug it. Is there a way to start packet capture during boot time to not miss any packets? What is your way of going about it? I have found a red hat guide but it's behind…
lolz
0 votes, 0 answers

Difference between TCP Segment Data and Data on a Wireshark capture

I am trying to replicate some TCP communication that is sent from MongoDB and I have been able to replicate it byte by byte and it is still not being recognized. The only difference I could find when analyzing the packets on Wireshark was that my…
kolrie
0 votes, 1 answer

DNS behavior / Wireshark

I'm a Cloud Engineer and currently diving into networking and stuff. I have a question, I have the understanding that whenever I go to a site the first thing is DNS. So a DNS request gets sent to a recursive DNS server and I get a response back.…
FMaj7
0 votes, 1 answer

Why do I see unicast packets for a different IP when I sniff my interface?

I hook up a laptop via gigabit Ethernet to my corporate network and run Wireshark on the interface. I expect to see all broadcast and multicast traffic and unicast traffic either originating from or destined to my laptop's IP only. For some reason,…
petiepooo
0 votes, 0 answers

Bytes-in-flight higher than receiver window in frozen client connections

I am dealing with sort of a "ghost issue". We have an endpoint URL that some people can use at all times with no issues but others have a frozen connection on the client side (checked with multiple client codes written in Java, Python C#) that never…