Questions tagged [wireshark]

Wireshark is an open-source network protocol analyzer released under the GNU General Public License.

507 questions
3 votes · 2 answers

Windows Server Firewall (2012) IPsec tunnel problems

I am new to IPsec tunnels. I have successfully created a tunnel to a Cisco offsite router using a pre-shared key at a supplier. In Endpoints 1: I have the server's IP address and the remote server's IP address that I intend connecting to. In Endpoint 2…

Wize · 91 · 6
3 votes · 2 answers

Packets returning but traceroute fails

I get this output from traceroute: #traceroute -i eth1 -s 192.168.12.14 192.168.1.72 1 192.168.12.1 (192.168.12.1) 1.410 ms 2.076 ms 2.251 ms 2 * * * 3 * * * etc. But in another terminal I can see the correct replies (Port Unreachable)…

David Semeria · 219 · 2 · 8
3 votes · 1 answer

Need help understanding capturing from Wireshark?

I am having issues with my FTP servers. Connecting, sending and receiving fail sometimes, and it is not consistent. I manage to capture and filter by IP the packets; I just need pointers on what I can do from there, as I don't fully understand the…

Al Pacino · 31 · 1 · 3
3 votes · 2 answers

Understand Wireshark capture for SSH key exchange

I need to understand SSH key exchange. I have tried to read the RFC document, but it seems very difficult to understand, so I have captured packets using Wireshark. I found various packets for SSH key exchange: SSHv2 Client: Key Exchange Init SSHv2 Server:…

user3184706 · 110 · 1 · 2 · 10
3 votes · 3 answers

How can I create a packet capture file on a headless server for a single process?

I'm writing a Python script on a headless server, and I'd like to see the packet capture output for the script. I can't run ettercap or Wireshark on the server as there is too much other noise (besides, Wireshark is a GUI tool). I do have sudo…

Manishearth · 369 · 4 · 13
3 votes · 1 answer

How to block own rpcap traffic where tshark is running?

Platform: Fedora 13 32-bit machine. RemoteMachine$ ./rpcapd -n ClientMachine$ tshark -w "filename" -i "any interface name" As soon as capture starts without any capture filter, thousands of packets get captured. rpcapd binds to port 2002 by default…

Pankaj Goyal · 131 · 3
3 votes · 1 answer

Virtualize Wireshark with Thinstall from VMware

Has anyone been able to virtualize Wireshark and PCAP utilizing Thinstall from VMware without requiring installation of PCAP on the main OS?

webby
3 votes · 1 answer

tcpdump not picking up traffic redirected by iptables

The following iptables rule is used to redirect all internet traffic coming in from eth1 to port 3000 at localhost (interface lo with IP 127.0.0.1): iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination…

tonytz · 153 · 1 · 5 · 11
3 votes · 1 answer

How to use a switch as a network tap?

I would like to tcpdump all traffic that my router does when it makes a firmware update. So I have taken an HP ProCurve 1800-8G switch and mirrored port 7 to port 8. I have connected: Internet connection in port 6, router's WAN port in port 7, Linux…

Sandra · 10,303 · 38 · 112 · 165
3 votes · 3 answers

What are cables/boxes called for listening in on an RJ45 cable?

I would like to capture the traffic from a router, so I assume there must exist a cable or hardware box with 3 RJ45 sockets, where two of them are IN and OUT, and the third is for the capturing device (a Linux host in my case). What are such cables/boxes…

Sandra · 10,303 · 38 · 112 · 165
3 votes · 3 answers

Layer 3 protocol only in Wireshark

I have a simple question: is there any way in Wireshark to avoid resolution of protocols besides the layer 3 protocol? For example, in the protocol column, instead of showing HTTP, I want it to show TCP or its value (6). I can see in menu…

javardo · 31 · 1 · 2
3 votes · 1 answer

How could Wireshark read data from other IPs?

When I open Wireshark I can see the packets sent by machines other than mine. How is this possible? Example: 8252 99.150192 somoeneip 239.255.255.250 SSDP NOTIFY * HTTP/1.1 8253 99.151204 fe8s0::15s34:12c8:2f2132:d99221 ff02::c…

user71866 · 221 · 2 · 7
3 votes · 1 answer

What are capture interfaces in Wireshark?

I am really new to Wireshark, and I am a little confused about the term "capture interface". I see a list of about 9 to 10 so-called interfaces. What are they? I mean, I have only one Ethernet interface card and a wireless card, with each providing one…

Yang Jy · 27 · 5
3 votes · 1 answer

Is WinPcap able to capture all packets going through a Gigabit NIC without missing any packets?

I want to use WinPcap to capture all network packets going through a Gigabit NIC of a server. Assuming that I am able to utilize the network link up to 100%, the maximum network speed is 1000 Mbps. If we exclude the TCP/IP headers, the maximum TCP…

userpal · 613 · 4 · 10 · 17
3 votes · 1 answer

Huge packet loss and checksum errors

Our 2008 server began to work very slowly within 2 weeks. Our web sites (IIS 7.5) are loading very slowly and sometimes it's freezing. We began testing with Wireshark and saw that our packets are lost during transmission. The client demands the…

Kamil Ovacık · 49 · 1 · 2