Questions tagged [packet-capture]

The [packet-capture] tag is for questions about capturing packets of various protocols that are transmitted over a network.

A lot of computer network protocols transmit their contents in packets. Packet capture is the interception of these packets as they are moved over a network of some type.

A packet sniffer captures raw data traveling over a network segment and saves it to a file for analysis.

Software

A software sniffer can generally only capture network data either originating from or going to the computer running it, plus any "broadcast" messages, if the computer is connected to the network via a switch. If the computer is connected to the network via a hub or a mirrored port, it may be able to capture network data for any device connected to the same segment; behind a router it sees only traffic the router forwards to its own segment.

Hardware

A hardware packet sniffer is physically connected to the network by connecting it to a router or switch. Sometimes the router or switch has to be configured to allow the sniffer to capture traffic being routed through it; this is called port mirroring.

Analysis

The captured data can be analyzed by the software that captured it, or by a program specifically designed to analyze the network data.

See Also

  • Wikipedia Article on Packet Analyzers
  • The term packet sniffer is also common and can be considered a synonym.
659 questions
0 votes, 1 answer

libtins ARP request detection

First, I am a novice, so be gentle. I am using a wrapper for the libtins library. I want to be able to detect ARP requests and get the MAC address of the sender. I have linked libtins and have my code going; I am able to detect dot11frameBeacons…
0 votes, 1 answer

H.225 User Information Packet Parsing

I'm writing some code using PacketDotNet and SharpPCap to parse H.225 packets for a VOIP phone system. I've been using Wireshark to look at the structure, but I'm stuck. I've been using This as a reference. Most of the H.225 packets I see are user…
Dan
  • 533
  • 8
  • 29
0 votes, 0 answers

How to analyze whether the data from a packet file (like pcap or cap) is the inflow or outflow of the host?

I have a packet file like pcap or cap. How do I analyze whether the data from the packets is the inflow or outflow of the host? I use Python and Scapy.
0 votes, 1 answer

Python parse packets real time

I want to collect Bluetooth beacon info. First of all, I need to collect all the network packets emitted by the beacon in real time. And then I have to parse the packets to get some values like MAC address and RSSI and save them into a database. I google for a…
user2492364
  • 6,543
  • 22
  • 77
  • 147
0 votes, 0 answers

Can't use JPCAP in Android project

I want to create an application which can capture packets traffic with my Android device. I use Jpcap library but the LogCat prints the following error: java.lang.NoClassDefFoundError: jpcap.JpcapCaptor My code is: import jpcap.JpcapCaptor; import…
Panagiotis
  • 511
  • 8
  • 26
0 votes, 2 answers

anonymous class is not abstract and does not override abstract method

I have this program in Java. It is for capturing network packets by using WinPcap and jpcap. There is a problem at compile time; it gives this message: C:\Users\IMAX\Desktop\PacketPirate\PacketPirate\src\PkPirate_GUI.java:95: error:…
0 votes, 1 answer

How to capture packets and put them into a database in real time?

I have a project on DNS reflection prevention and I need to somehow capture incoming and outgoing packets in real time. I am working on Debian Linux 8.0. Can you please tell me how to do that? I looked at many websites and watched many…
0 votes, 0 answers

Pcap producing strange packets after un- and replugging cable

After physically pulling the line and reconnecting it again, pcap (I am programming it in C) produces packets which are most likely not really there and misses out on all "normal" traffic which is going on. I have two nodes on the network which…
Vroomfondel
  • 2,704
  • 1
  • 15
  • 29
0 votes, 1 answer

Using Python to determine the dot1x protocol type in the Ethernet header

I'm using Python to enumerate information in a dot1x exchange but I'm having trouble parsing the Ethernet protocol. I know the Ethernet type field is two bytes and dot1x uses "888e". I've confirmed "888e" is being passed via Wireshark but I'm…
doby
  • 3
  • 2
0 votes, 2 answers

Why is my program reporting more captured packets than Wireshark?

I am writing a packet sniffer using pcap and Visual Studio. I've taken sample code for offline capturing and combined it with code that looks for an interface and captures packets live. This is what I have to display the packet information gotten…
mchoy25
  • 63
  • 7
0 votes, 1 answer

C: libpcap doesn't capture wlan0 packets

I'm new to C and got a little confused. I've read some topics about this problem but none of them worked for me. I'm trying to capture wlan0 packets with libpcap but something goes wrong. The pcap_next() function returns NULL but I can't figure out why.…
Ojs
  • 924
  • 1
  • 12
  • 26
0 votes, 1 answer

Wireshark catches all kinds of packets but I only see ARP, 0x0800, 0x8912, etc. Why do I not see TCP or UDP packets?

As you can see, Wireshark is definitely capturing a lot of TCP packets. But it is displaying only ARP, 0x0800, 0x8912, etc. If I put TCP as a filter I get blank. Why can't I see TCP packets?
DDauS
  • 105
  • 1
  • 2
  • 11
0 votes, 1 answer

Python scapy extracting field from packet

I need help extracting a field from a Scapy captured packet and pushing it into a variable for processing. Q: I would like to capture the 'notdecoded' field data into a variable. Capturing using: from scapy.all import * def packet_handler(pkt)…
Dusty Boshoff
  • 1,016
  • 14
  • 39
0 votes, 1 answer

Libpcap filter strings using "vlan" are behaving weirdly

I am getting some weird errors when using libpcap pcap_compile. Please let me know if these are known issues or I am making some BPF formatting/ordering mistakes. For example: 1) if I pass (protocol_filter and vlan_filter), I see no packets: Like…
user3851499
0 votes, 1 answer

ARCOUNT set in DNS request header

I'm writing a DNS client in C that can issue DNS queries to a recursive DNS server and read the result. I'm currently reading RFC 1035 and looking at the output of dig in tcpdump. I notice that in the hexdump of DNS queries, it would appear that the…
user4099632