Questions tagged [packet-sniffer]

Sniffer is another word for packet analyzer.

A sniffer, or packet analyzer, is a tool that intercepts data packets from networks (Ethernet, wireless, ...).

A well-known packet sniffer is Wireshark.

97 questions
1 vote, 1 answer

How can I dump raw packets from an existing TCP socket using tcpdump on Mac and Linux?

Once I know the IP address and port number combo, I can run this to see some of the packets: tcpdump | grep [IPADDRESS] Anybody know how I can now see the raw packets too? Thanks!
Tomachi
1 vote, 5 answers

How to identify IP address on eth0 when console isn’t available

I need help with the following: I have a very old Linux server with one IP address. Unfortunately, I can’t access the Linux machine via console and I don’t remember the IP address. So I am now thinking about a way that I could verify this IP address. I…
yael
1 vote, 0 answers

Why do I lose ping to a machine when using port mirroring / monitoring (sniffing)?

I am using port mirroring / monitoring in my 3COM layer 3 switches to look at network traffic (using Wireshark). Sometimes, I have found that I lose connectivity with the remote monitor machine (the machine receiving the port mirror traffic). …
Scott Szretter
1 vote, 3 answers

Understanding VOIP "sniffer" traces

My customer is doing an Avaya VOIP pilot. I am looking at traces in Wireshark to build my troubleshooting skills. I have found much documentation on VOIP, but little that focuses on protocol analysis and how the various protocols work together. I…
jpolache
1 vote, 4 answers

Sniffing packets of specific binaries / apps / process id?

Is there a way to associate packets with executing binaries? I would be open to traditional sniffing methods or even dtrace for that matter. I have a specific issue on a system with very high traffic. Sniffing "all" packets and filtering them is…
ylluminate
1 vote, 1 answer

PCAP to Syslog utility

I am looking for a tool which sniffs all the traffic on an interface and produces a syslog like a Cisco log in real time. Example: Feb 16 10:19:05 tcp S.S.S.S(6083) -> D.D.D.D(80), 1 packet Feb 16 10:19:07 tcp S.S.S.S(80) -> D.D.D.D(4662), 1 …
Dom
1 vote, 2 answers

Packet sniffing SMTP connection

I have a program on Windows that sends email via a remote SMTP server, and it is failing with an ambiguous "cannot connect" error message with no log or other information as to why it is failing. I have tested the SMTP server and confirmed it is…
jrdioko
1 vote, 3 answers

Tool to capture outbound HTTP packets in a Linux server

I was searching for a tool to capture HTTP packets sent from a Linux server to an external server. Normally I use iftop or iptraf with filters to see real time information and tcpdump to get verbose information. But what I need right now is some…
hdanniel
1 vote, 1 answer

Finding source of RST packet on ASA 5505

I've run Wireshark on our app server and noticed a reset packet is commonly being received when sending data to a remote telnet server when the connection has been idle for an hour or so. I've read that our local firewall (ASA5505) may be sending…
James
1 vote, 2 answers

Passing credentials over non-secure, non public domain

Exactly how insecure is this scenario? Please note that I can't use SSL due to restrictions in the website application (yeah go figure!): We have a domain that is only known to the users who need to know. The user will be inputting user name +…
Mantorok
1 vote, 3 answers

Packet sniffing a webserver

I have a homework in which I should explain how I would break into a server, retrieve a file and cover my tracks. My main question: is it possible to packet sniff a remote web server? Other information would be appreciated on covering tracks. Edit.…
Shawn Mclean
1 vote, 0 answers

Ifconfig result on the server running PF_RING with zerocopy

I have an application which uses PF_Ring zero copy as a part of its packet sniffing capability. When this application is running would it be possible to find out the amount of RX/TX traffic using ifconfig or is it correct to say that ifconfig does…
1 vote, 2 answers

How to decrypt TLS traffic with Wireshark using RSA asynchronous encryption?

I want to be able to capture and decrypt TLS traffic that one of my internal applications (that I don't have access to) makes to the internet. (For testing I am using Postman to create a request to a secure server.) What I did was to add an Nginx as a…
mavi
0 votes, 1 answer

Can GCP do port mirroring at the subnet level?

Can I define a custom network in Google Cloud Platform in such a way so that I can get the equivalent behavior of Port Mirroring in my VPC as one would configure on a hardware switch? The goal is to sniff all traffic in the VPC for the purpose of…
0 votes, 1 answer

Is it possible to sniff packets on KVM guest loopback interface from host?

I am trying to debug network communication which happens inside a CentOS 7 KVM guest. This communication goes from localhost to localhost. I suppose that all this traffic happens on the local lo interface. Is there a recommended way to sniff packets…
honza-kasik