How to display most used ports when analyzing packets in Wireshark? [closed] - port

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 10 months ago.
I've collected an array of packets on Wireshark and I'm wondering how do I filter that properly to see the most used ports / protocols?
I'd assume it'd be within "Analyze" "Filters" and then you'd have to create a specific one if this is the way of doing it, although I am unsure of how to properly express that in code.
I'd assume I don't need to provide any images of data for this query, but if I should, please let me know.
Any ideas?
How can I find out the traffic flow rates of my packets in Wireshark?

You can go to "statistics" then "ipv4" or "ipv6" depending on your network, then "destinations and ports".
It will give you the most used port and protocol.
Then you can just apply a filter by entering something like tcp.port == the_port in the search bar (you have to replace tcp by the most used protocol and the_port by the port that you want to filter).
Concerning the flow rate, you can find it with the flow graph (again in the statistics menu).
Have a nice day
JC
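The tally that the answer above reads from the statistics window can also be computed directly from a capture file. The following is an added example, not part of the original answer: it walks a classic pcap file and counts destination ports per protocol. The function names and the sample capture are constructed for illustration, and it assumes a little-endian pcap (not pcapng) of Ethernet frames carrying IPv4.

```python
import struct
from collections import Counter

PROTO = {6: "tcp", 17: "udp"}  # IPv4 protocol numbers

def port_counts(pcap: bytes) -> Counter:
    """Count (protocol, destination port) pairs in a classic little-endian pcap."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    counts, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]  # captured length
        frame = pcap[off + 16 : off + 16 + incl_len]
        off += 16 + incl_len
        # Only Ethernet II frames carrying IPv4 (EtherType 0x0800) are handled.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        ihl = (frame[14] & 0x0F) * 4                    # IPv4 header length
        proto = PROTO.get(frame[23])                    # IPv4 protocol field
        frag_off = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
        l4 = 14 + ihl
        # Later fragments carry no TCP/UDP header, so they have no port to read.
        if proto is None or frag_off or len(frame) < l4 + 4:
            continue
        counts[(proto, struct.unpack_from("!H", frame, l4 + 2)[0])] += 1
    return counts

def top_ports(pcap: bytes, n: int = 3) -> list:
    return port_counts(pcap).most_common(n)

def _frame(proto: int, dport: int) -> bytes:
    """Constructed sample frame: Ethernet + IPv4 + the first 8 bytes of TCP/UDP."""
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + struct.pack("!HHI", 40000, dport, 0)

def sample_pcap() -> bytes:
    """Constructed capture: three TCP/443, two UDP/53 and one TCP/80 packet."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for proto, dport in [(6, 443), (6, 443), (17, 53), (6, 80), (6, 443), (17, 53)]:
        f = _frame(proto, dport)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (proto, port), n in top_ports(sample_pcap()):
        print(f"{proto}.port == {port}: {n} packets")
```

Each printed line has the shape of the display filter the answer mentions, so the top entry can be pasted into Wireshark's filter bar.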

Related

fortigate generates 40G data in splunk [closed]

Closed 1 year ago.
My Fortigate device sends syslogs to my Splunk server, approximately 40G per day. In your view, is that reasonable?
I need to keep my data on Splunk for 90 days but I do not have enough storage!!!
40 gigs a day off a single appliance can be high, normal, or very (very) low.
That you don't have enough storage indicates your environment likely wasn't architected properly.
Proper sizing and implementation is done by Splunk PS and/or PS partners - or you may even be able to get what you need via your Sales rep or SE.

How to fix a Port [closed]

Closed 8 years ago.
My question is:
I have two applications on a server. One is svn (this service was installed first, which is why it already occupies port 80).
And my second application is Mantis, which runs with the Wampserver. (Two applications running on one port does not work, does it?)
Now I have both applications configured on the server, and both run without problems (on the server). But I want to access the two from my internal network through Internet Explorer. However, when I enter the URL of the server, only my svn appears. Mantis is not displayed.
Do you know how I can do that?
Thank you
You should be able to do this by adding the port number to the URL, something like http://my.intranet.biz:1234
You should know this if you are playing around with ports :)

How to stop a program using a port [closed]

Closed 8 years ago.
I want to use the port 12345 for hosting a server for an application I have, however the port is already in use by another program.
I have already tried:
netstat -anb
However, none of the programs listed use this port. Doing some research online, I found out that Trend Micro Security uses this port. Though I used to have this anti-virus software installed on my computer, I switched to Norton long ago, and am still not able to use this port.
I use Netgear, and have no problems using other ports.
Any help will be appreciated.
Mona.
NetGear has been known to have problems with port 12345. Try calling their support.
Belkin and Dlink work fine. So if possible, try changing your router to see if the problem goes away. If yes, then it is a router issue. If not, then contact your ISP since they block 12345 as well.

How to find the number of content of bytes returned to browser by the server [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
Closed 5 months ago.
I am new to Wireshark and trying to solve simple examples. I captured a simple HTML file and the question I am trying to answer is: "How many bytes of content are being returned to your browser?".
I am confused here. Let me first show the screenshot here:
I see two things when I click on the "OK" message received from the server. First it says 540 bytes captured, and second it also says that content length is 232. Which one is the answer to my question and what is the difference between these two numbers? Can anyone explain?
Thanks
The two numbers are measuring different things. The Content-Length is the actual size of the HTTP response body in bytes (only the body, so not including the headers), whereas the 540 is the total size of the network frame including the IP and TCP protocol overhead and the HTTP headers.
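The byte accounting described in the answer above, as an added example that is not part of the original post: it splits one frame into Ethernet, IPv4, TCP, HTTP header and HTTP body byte counts. The sample frame is constructed (only the Content-Length of 232 comes from the question, so its total differs from the asker's 540), and the code assumes the whole response fits in a single Ethernet/IPv4/TCP frame.

```python
import struct

def frame_breakdown(frame: bytes) -> dict:
    """Byte counts per layer for one Ethernet/IPv4/TCP frame holding a whole HTTP response."""
    ip_hdr = (frame[14] & 0x0F) * 4                 # IPv4 IHL, in bytes
    tcp_at = 14 + ip_hdr
    tcp_hdr = (frame[tcp_at + 12] >> 4) * 4         # TCP data offset, in bytes
    head, sep, body = frame[tcp_at + tcp_hdr:].partition(b"\r\n\r\n")
    declared = None
    for line in head.split(b"\r\n")[1:]:            # skip the status line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            declared = int(value.strip())
    return {"frame": len(frame), "ethernet": 14, "ip": ip_hdr, "tcp": tcp_hdr,
            "http_headers": len(head) + len(sep), "body": len(body),
            "content_length": declared}

def sample_frame() -> bytes:
    """Constructed frame: 232-byte HTML body, TCP header with 12 bytes of options."""
    body = b"<html>" + b"x" * 219 + b"</html>"      # 6 + 219 + 7 = 232 bytes
    http = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
            b"Content-Length: 232\r\n\r\n" + body)
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, 0, 0, 0x80, 0x18, 65535, 0, 0) + b"\x01" * 12
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 2]), bytes([192, 0, 2, 1]))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + http

if __name__ == "__main__":
    for layer, size in frame_breakdown(sample_frame()).items():
        print(f"{layer:15} {size}")
```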

Wireshark - On which interface a packet arrived? [closed]

Closed 9 years ago.
Does anybody know how can I find out what's the interface a packet arrived on? I captured packets with tcpdump using "-i any" and now I want to find out on what interface a certain packet was received.
And another question, can I start tcpdump on an interface that does not exist yet? The code I am testing creates an interface and starts sending packets immediately. The problem is that by the time I get to hit tcpdump, some packets are already sent.
Thanks!
I think we cannot do that on an interface which is not in the network. We can work on packets which fly in the network, so the Ethernet should be in the network.
