Questions tagged [packet-capture]

The packet-capture tag is for questions about capturing packets of various protocols that are transmitted over a network.

A lot of computer network protocols transmit their contents in packets. Packet capture is the interception of these packets as they are moved over a network of some type.

A packet sniffer captures raw data traveling over a network segment and saves it to a file for analysis.

Software

A software sniffer can generally only capture network data either originating from or going to the computer running it, plus any "broadcast" messages, if the computer is connected to the network via a switch. If the computer is connected to the network via a router, it may be able to capture network data for any device connected to the same router.

Hardware

A hardware packet sniffer is physically connected to the network by connecting it to a router or switch. Sometimes the router or switch has to be configured to allow the sniffer to capture traffic being routed through it; this is called port mirroring.

Analysis

The captured data can be analyzed by the software that captured it, or by a program specifically designed to analyze the network data.

See Also

  • Wikipedia Article on Packet Analyzers
  • The term packet sniffer is also common and can be considered a synonym.
659 questions
0
votes
1 answer

tcpdump on dd-wrt router

I'm trying to capture packets from two devices on my network. I have tcpdump installed on my dd-wrt router and working correctly. However, the only packets I capture are broadcast packets when using a tcpdump statement that states only those two…
Senica Gonzalez
  • 7,996
  • 16
  • 66
  • 108
0
votes
1 answer

scapy send packet getting RST

The iptables are stopped. Whenever I try to send a packet with scapy, the packet is getting RST after SYN/ACK. The iptables are stopped, and the packets are sent from Mac OS X to Linux.
anish
  • 6,884
  • 13
  • 74
  • 140
0
votes
1 answer

Capturing http data packets on chrome as long as browser active

I'm trying to develop a Chrome extension which will capture HTTP packets, their source and destination URLs, and the packet size. Basically I want to know how much time the user spends on a particular site for the duration the browser is active. I used…
0
votes
2 answers

Network sniffer in Python

I'm trying to find a good and stable network packet sniffer in Python that allows me to do exactly the same as I used to with tcpdump. I found this pycap but it does not seem to be that stable... Another option would be Scapy but it does not handle…
bulkmoustache
  • 1,875
  • 3
  • 20
  • 24
0
votes
1 answer

How to hexdump few lines in a large using only line number.(Not bytes)

I am using hexdump to display a file in a readable format. The file is quite large and I know only the line numbers. The lengths of the lines are uncertain (may be 10 characters or 100 characters). Is there any option to hexdump a few lines, suppose 5 to 10 or…
Shail_42
  • 201
  • 1
  • 2
  • 10
0
votes
1 answer

Attempted to set a negative index while reading PCAP files

I have a randomly occurring problem on a set of PCAP files. I am trying to parse all the packets from the recorded PCAP files using SharpPcap and PacketDotNet. The errors seem to occur at random. I am not doing anything fancy. The following is my…
Igor Ševo
  • 5,459
  • 3
  • 35
  • 80
0
votes
0 answers

Queue all TCP packets sending out from local device programmatically

I need to queue all tcp packets sent out from the local device programmatically so that the application I implemented using libnetfilter_queue and libpcap would start capturing packets within the queue. But the current solution I have is to manually…
Hasitha Shan
  • 2,900
  • 6
  • 42
  • 83
0
votes
1 answer

Drop captured packet

The project I am working on has the requirement of dropping captured packets. I am successfully capturing packets with the use of libpcap like so, pcap_loop(handle, num_packets, got_packet, NULL); Where in the callback function I capture the given…
Hasitha Shan
  • 2,900
  • 6
  • 42
  • 83
0
votes
3 answers

Receiving packets for different MAC address

Is it possible to capture some packets in promiscuous mode (e.g. using winpcap) and then force the OS (applications) to receive them as if they were sent for our MAC? My observation is the following. We can: capture all network traffic using promiscuous…
Petr Peller
  • 8,581
  • 10
  • 49
  • 66
0
votes
1 answer

Capturing data packets in closed LAN

In my college lab, all the PCs are connected via a hub. I want to capture data packets using Wireshark, but it only displays the interface of my own PC. How can I capture the packets of other PCs? I've tried all the interfaces, and I can't get it to…
maharaja
  • 11
  • 2
0
votes
1 answer

How to capture packets and forward http request to a given http proxy

I've searched here and got a clue that I may use VpnService, but there are few samples of using VpnService. Could someone please tell me how to program with VpnService?
KingMario
  • 161
  • 2
  • 10
0
votes
1 answer

Can a Perl program sniff packets from multiple NICs simultaneously?

So I am planning to make a network analyzer using Perl. But before I start I have to answer this question: can a Perl program actually sniff packets on multiple NICs simultaneously? A feature of the program I'm going to make is that it needs to sniff…
OrdinaryProgrammer
  • 213
  • 1
  • 4
  • 13
0
votes
1 answer

netem and tcpdump loopback interface differing ingress and egress

I have two communicating applications on the same machine: app1----->loopback------>app2 I applied some delay (100ms) to the loopback interface using netem (tc command) on an Ubuntu machine (Mint to be more specific). So to verify, if I ping 127.0.0.1,…
0
votes
1 answer

How to use Wireshark to help to create a protocol fuzzing framework?

I want to make a protocol fuzzing framework for certain protocols in network devices, made by Cisco, Juniper or Huawei to detect their vulnerabilities. It is important to have a good packet handling mechanism. I know the dissection of Wireshark is…
hsluoyz
  • 2,739
  • 5
  • 35
  • 59
0
votes
1 answer

Wireshark- Follow TCP Stream

How to invoke the GUI option of follow TCP stream using the command line on Windows? I've read that there is something like tcpflow but on using it, Wireshark says command not found. The OS I am using is Windows and I want to capture and save an HTTP…
praxmon
  • 5,009
  • 22
  • 74
  • 121