Questions tagged [packet-capture]

The packet-capture tag is for questions about capturing packets of various protocols that are transmitted over a network.

A lot of computer network protocols transmit their contents in packets. Packet capture is the interception of these packets as they are moved over a network of some type.

A packet sniffer captures raw data traveling over a network segment and saves it to a file for analysis.

Software

A software sniffer can generally only capture network data either originating from or going to the computer running it, plus any "broadcast" messages, if the computer is connected to the network via a switch. If the computer is connected to the network via a router, it may be able to capture network data for any device connected to the same router.

Hardware

A hardware packet sniffer is physically connected to the network by connecting it to a router or switch. Sometimes the router or switch has to be configured to allow the sniffer to capture traffic being routed through it; this is called port mirroring.

Analysis

The captured data can be analyzed by the software that captured it, or by a program specifically designed to analyze the network data.

See Also

  • Wikipedia Article on Packet Analyzers
  • The term packet sniffer is also common and can be considered a synonym.
659 questions
15 votes, 7 answers

Is there a Windows tool for capture and playback of modified UDP packets?

I'm looking for a tool (or a set of tools) for Windows that will perform the following: Capture UDP packets from a specific network interface to a file. Play a stream of packets from a file through a network interface. In addition to 2: replay the…
kshahar
14 votes, 3 answers

How to copy hex data of captured packet from Wireshark

here is the example this is the captured packet data 00000000 00 6e 0b 00 .n.. 00000004 4d 5a e8 00 00 00 00 5b 52 45 55 89 e5 81 c3 81 MZ.....[…
Chornic
14 votes, 5 answers

How can I automatically test the functionality of iOS and Android applications?

I have to regularly test the availability and functioning of a movie rental website. I wrote a Windows program which is able to automate a web browser according to a script, so this task is basically solved. Now I have to automate the mobile version…
kol
13 votes, 1 answer

how to fix Scapy "Warning pcapy API does not permit to get capure file descriptor"?

I am trying to capture outgoing packets (i.e., from my localhost) by using Scapy capturing function sniff, then parse them as they get captured but I keep getting the following warning: WARNING: fileno: pcapy API does not permit to get capure file…
OiaSam
13 votes, 6 answers

How to stop IDM from grabbing video/audio

Every time video/audio streaming starts, the Internet Download Manager (IDM) feels that there is multimedia content on the page and allows you to download that multimedia content. I don't think it's possible to prevent IDM from grabbing…
pouya
13 votes, 3 answers

Python/iptables: Capturing all UDP packets and their original destination

I am trying to write an iptables rule that will redirect all outgoing UDP packets to a local socket, but I also need the destination information. I started out with sudo iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.0/8 -p udp sudo…
Etienne Perot
12 votes, 4 answers

How do I use tshark to print request-response pairs from a pcap file?

Given a pcap file, I'm able to extract a lot of information from the reconstructed HTTP request and responses using the neat filters provided by Wireshark. I've also been able to split the pcap file into each TCP stream. Trouble I'm running into now…
Steven
12 votes, 7 answers

How do I hook the TCP stack in Windows to sniff and modify packets?

I'd like to write a packet sniffer and editor for Windows. I want to be able to see the contents of all packets entering and leaving my system and possibly modify them. Any language is fine but I'd like it to run fast enough that it won't burden the…
Eyal
12 votes, 1 answer

Adding payload in packet

Can I insert an image or document (in MBs) as data in a packet using scapy? This is what I did to send data. data = "University of texas at San Antonio" a = IP(dst="129.132.2.21")/TCP()/data send(a)
Chetan
12 votes, 1 answer

Packet capture app once started doesn't have internet connectivity for other apps anymore

I have installed packet capture on my Android phone - Samsung Galaxy S7 edge running Android version 8.0. It is not rooted. I followed all the steps and installed the SSL cert as well. Here is the app link When I click on the start button to capture…
StackOverflowVeryHelpful
11 votes, 5 answers

Protect a socket in VpnService

I'm exploring the capabilities of Android's VpnService. Presently, I've built a very rudimentary request forwarder by essentially rebuilding the IP stack in user space: I read IP packets from the VpnService's input stream, parse them, and for…
10 votes, 2 answers

python / dpkt: Find out if packet is a tcp packet or a udp packet

I have a Python script that captures the packets on the ethernet using dpkt, but how do I differentiate between which packets are tcp and which ones are for udp. Eventually I would like to have a list of packets for each tcp connection that was…
10 votes, 3 answers

pyshark - data from TCP packet

Is there any way to get the payload of a TCP packet using pyshark? I am trying to compare the data sections of different packets across multiple TCP streams but I can't find a way to get at the data of the packet. pkt['tcp'].data does not seem to…
Cru Jones
10 votes, 2 answers

How can I determine which packet in Wireshark corresponds to what I sent via Postman?

I'm trying to figure out why REST calls sent from my handheld device (Windows CE / Compact Framework) are not making it to my server app (regular, full-fledged .NET app running on my PC). The handheld device and the PC are connected - I know that…
9 votes, 1 answer

Which is the intended bit (not byte) order in internet RFC packet diagrams

I am parsing ICMPv6 datagrams on my home wired network, and can't find an explicit mention of the bit-ordering convention in the specific RFC. Multi-byte fields are network order, but what about bits within a byte? Machines are byte-addressable, but…
init_js