Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 days ago.
Improve this question
I've recently implemented stricter firewall rules, and I keep seeing the Apple devices on my local network attempt to reach out to 192.168.1.156 or 192.168.1.152. In an attempt to understand what it's doing, I ran tcpdump and received this output:
19:36:05.273166 IP 192.168.22.8.53058 > 192.168.1.156.bbs: Flags [S], seq 2685942121, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 2363049810 ecr 0,sackOK,eol], length 0
19:36:14.889388 IP 192.168.22.8.53064 > 192.168.1.152.bbs: Flags [S], seq 3567670609, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 2054024907 ecr 0,sackOK,eol], length 0
Can anyone help explain what the bbs port/protocol is, and/or why Apple devices keep trying to talk to these seemingly random IPs outside of their subnet? To be more specific, it's both iPhones and the Apple TV doing it, but not the homepods on the same network.
Possibly you have another router broadcasting on your network hosting dhcp and trying to handle address spaces at the same time. Sometimes if you have a secondary router and it's not acting as an access point it will do that. Don't know if this helps I don't know alot and am not that experienced. Also BBS is bulletin bus service.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 10 months ago.
Improve this question
I've collected an array of packets on Wireshark and i'm wondering how do I filter that properly to see the most used ports / protocols?
I'd assume it'd be within "Analyze" "Filters" and then you'd have to create a specific one if this is the way of doing it, although I am unsure of how to properly express that in code.
I'd assume I dont need to provide any images of data for this query but if I should, please let me know
Any ideas?
How can I find out the traffic flow rates of my packets in Wireshark?
you can go to "statistics" then "ipv4" or "ipv6" depending of your network, then "destinations and ports".
It will give you the most used port and protocol.
Then you can just apply a filter by entering something like tcp.port == the_port in the searchbar (you have to replace tcp by the most used protocol and the_port by the port that you want to filter).
concerning the flow rate, you can find it with the flow graph. (again in statistics menu).
Have a nice day
JC
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I’m changing a server with a bare metal installation with one ip to a new cisco sever with esxi with 3 vm’s, one of them is going to be a nat router to nat the traffic to the other 2 vm’s, is there a way to keep using one just ip ?
I don’t think so, you will need at least 2 one for esxi virtual network to communicate with your network and one for your nat router vm to distribute the traffic via NAT
In fact if your server has CIMC you will need another one to have a remote access to CIMC if you need to recover the server, but it’s not mandatory because you can always connect to CIMC through the console.
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 12 days ago.
Improve this question
How to configure Suricate to capture packets on the entire network? I have already configured the Suricate but it's only capturing packets that send to Suricata installed host. I want the whole network packets to be captured by Suricata.
I have two different networks such as Data and Internal where Suricata is placed in Internal Network. I have already configured my switch to monitor few ports and destine to second port of Suricata Server but still I didn't see any changes.
Can some help on this matter?
the interface should be in promiscuous mode - to see all traffic.
(HOWTO depends on your os)
ifconfig eth1 up
ifconfig eth1 promisc
and check what is defined in suricata yaml who's under $HOME_NET , and what rules files are set, I recommend to take a glance there to better understand why certain rule is fired.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I want to use the port 12345 for hosting a server for an application I have, however the port is already in use by another program.
I have already tried:
netstat -anb
However, none of the programs listed use this port. Doing some research online I found out that Trend Micro Security uses this port. though I used to have this Anti-Virus software installed on my computer, I have long ago switched to Norton, and am still not able to use this port.
I use netgear, and have no problems using other ports.
Any help will be appreciated.
Mona.
NetGear has been known to have problems with port 12345. Try calling their support.
Belkin and Dlink work fine. So if possible, try changing your router to see if the problem goes away. If yes, then it is a router issue. If not, then contact your ISP since they block 12345 as well.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Hello currently im using UDP Messages to communicate my program (Made with Delphi Using IdUDPClient and IdUDPServer) on diferent computers in LAN, but yesterday i had a strange issue, one of the computers was unable to receive messages neither could other computers read his messages, All of the programs use the same UDP Port.
The only solution that worked was Restarting the router, but maybe there is an explication on why that happened?
Thank you.
I guess thats just how UDP works :) Quote from wikipedia:
UDP uses a simple transmission model with a minimum of protocol mechanism. It has no handshaking dialogues, and thus exposes any unreliability of the underlying network protocol to the user's program. As this is normally IP over unreliable media, there is no guarantee of delivery, ordering or duplicate protection.