Questions tagged [sniffing]
32 questions
13
votes
3 answers
tcpdump: capture one of several vlans
I want tcpdump to capture VLAN 1000 or VLAN 501. man pcap-filter says:
The vlan [vlan_id] expression may be used more than once, to filter on VLAN hierarchies. Each use of that expression increments the filter offsets by 4.
When I do:
tcpdump…
bstpierre
10
votes
5 answers
A website hosted on the 1.0.0.0/8 subnet, somewhere on the Internet?
Background
I'm attempting to demonstrate, using a real-world example, why someone would not want to configure their internal network on the 1.0.0.0/8 subnet. Obviously it's because this is not designated as private address space.
As of 2010,…
Dave Markle
4
votes
1 answer
sniff mobile traffic data
I'm now preparing an automation testing lab for our mobile department, consisting mainly of Android devices.
For the first phase I need HTTP device sniffing. I can't do it on the device as they are not all rooted and not all devices are 4.0 and…
codeScriber
3
votes
1 answer
How do I capture all packets on local wifi network using Wireshark settings -
I'm attempting to replicate a 'wifi cafe' setup in a home lab environment. I'd like to demonstrate that unencrypted (non-HTTPS) network traffic on a wifi network can be viewed by other wireless devices. I've seen this in action (à la Firesheep) on a…
user3.1415927
3
votes
2 answers
tcpdump file size == traffic size?
I created a tcpdump file:
tcpdump -i eth0 host xxx.208.xxx.59 -n -s 0 -vvv -w /tmp/dump.dmp
duration was about 3 hours.
This file now has 450 MB. Can I say now that the IP xxx.208.xxx.59 generated 450 MB traffic in 3 hours?
Danzzz
2
votes
2 answers
Monitor where an application is connecting to on MacOSX
I just downloaded Wireshark for Mac as I am trying to find out exactly where an app is connecting. I need to see the URL and the protocol, whether it is https or http.
I am very new to Wireshark and testing in general and as such would require a…
JamesG
2
votes
4 answers
Can one server see traffic to another server inside a VLAN?
Scenario: I have a rack of servers that all belong to the same private VLAN. I transfer data from Server 1 to Server 2. Is it possible for any of the other servers to sniff out the data sent or is that only possible from the Router/Switch?
The…
Devon
2
votes
1 answer
Cisco ASA 5500 -- List of outbound connections?
Is there a command or GUI option to get a list of outbound connections? Ideally, I'd like to know the internal IP address, the external IP address, and the remote port used.
I don't need a lot of history, but an hour or two is helpful.
tcv
2
votes
1 answer
How to Monitor and Log Port Usage and Destination Attempts of a local computer from a Linux Gateway?
I have access to a Linux server that is acting as the gateway to an internal network.
There is a MagicJack Plus device plugged into this network via CAT5.
The MagicJack gets its IP via DHCP from the Linux server, and I've determined which IP address…
LonnieBest
2
votes
4 answers
Can I read data being sent to/from other computers?
Let's say a sniff program is installed on computer A. And let's say I am looking at a YouTube video on computer B.
Can the sniff program see what computer B is doing?
If that's possible, which sniffing program can do that?
I use Ubuntu if that…
TheDegree0
1
vote
0 answers
Am I being picked up by a proxy sending my IP/request URLs to China? Sketchy
I spun up a new machine on Digital Ocean today which is pre-configured with a web environment. I made an initial request to the new site and found the following (IP address redacted) in my nginx access logs:
218.65.131.13 - - [16/Apr/2015:07:14:50…
Corey Ballou
1
vote
1 answer
Passive ethernet tap
I'm having a hard time figuring out why I can't capture the packets flowing between two devices, in both directions, using a self-made Ethernet tap, with copper cable, which looks just like this one:
Both end devices (say, A and B) are connected…
bulkmoustache
1
vote
1 answer
Port mirroring, 1 source, two destination disadvantages
What are the disadvantages of having two port mirroring sessions?
I have a Cisco 2960 switch in which there is one session having Gi0/1 as source and Fa0/48 as destination.
Is it possible to configure another session with the same port as source…
Saul Martínez
1
vote
1 answer
tshark not recognizing wpa psk option
I'm trying to decrypt captured WPA-PSK traffic with tshark, but it's not recognizing the option I'm trying to override. This option allows me to specify a PSK to use for decrypting. I'm using tshark 1.8.1 from the Backtrack R3.
# tshark -o…
sybind
1
vote
0 answers
Configure SilkPerformer to work with Fiddler
Does anyone know how to capture a Silk Performer HTTP request, using Fiddler?
We can't seem to capture this information no matter what we try (it seems like it ignores all proxy settings).
Phobis