Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
So after googeling there seem to be a lot of people saying that you cannot capture packets from a simulation in Packet Tracer with Wireshark. However, my prof has given me this as an assignment.
I cannot seem to figure it out.
The Scenario:
2 computers (192.168.1.1 and 192.168.1.2) are linked. I ping from PC 1 ( 192.168.1.1) to PC 2. I want to capture these packets.
How would I go about his?
As far as I know, In Packet Tracer you cannot use Wireshark. You can use Packet Tracer's built in simulation and packet filters to track packets.
Other than Packet Tracer,
There are two solutions to your problem:
Physically connect two PCs and just run Wireshark on one PC's network adapter. You can see everything there is between the two of them.
Emulators like gns3 provide facility to attach wireshark to Switch/Router interfaces (Network cards), So you can create a scenario in Gns3 with 2 PCs connected by a switch and activate wireshark on one of the switch port.
Please note that in GNS3 wireshark cannot be attached to the host PC port itself. So that's why we are using an intermediate switch to host wireshark capture.
*Just an advice: Don't use packet tracer, its unreliable and incomplete and sometimes displays or operates wrongly, use emulators like GNS3 which can emulate 99% functionality of routers and connecting network.
You can not use Packet Tracer with Wireshark because Packet Tracer is just an simulator that you can not connect to other programs, you can use GNS3 because it supports real operating Router systems and Switch Layer 3 and you can connect it to programs such as Wireshark, Nmap and others and you can connect it with local server and virtual devices Such as vmware or VB
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 days ago.
Improve this question
I've recently implemented stricter firewall rules, and I keep seeing the Apple devices on my local network attempt to reach out to 192.168.1.156 or 192.168.1.152. In an attempt to understand what it's doing, I ran tcpdump and received this output:
19:36:05.273166 IP 192.168.22.8.53058 > 192.168.1.156.bbs: Flags [S], seq 2685942121, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 2363049810 ecr 0,sackOK,eol], length 0
19:36:14.889388 IP 192.168.22.8.53064 > 192.168.1.152.bbs: Flags [S], seq 3567670609, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 2054024907 ecr 0,sackOK,eol], length 0
Can anyone help explain what the bbs port/protocol is, and/or why Apple devices keep trying to talk to these seemingly random IPs outside of their subnet? To be more specific, it's both iPhones and the Apple TV doing it, but not the homepods on the same network.
Possibly you have another router broadcasting on your network hosting dhcp and trying to handle address spaces at the same time. Sometimes if you have a secondary router and it's not acting as an access point it will do that. Don't know if this helps I don't know alot and am not that experienced. Also BBS is bulletin bus service.
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 12 days ago.
Improve this question
How to configure Suricate to capture packets on the entire network? I have already configured the Suricate but it's only capturing packets that send to Suricata installed host. I want the whole network packets to be captured by Suricata.
I have two different networks such as Data and Internal where Suricata is placed in Internal Network. I have already configured my switch to monitor few ports and destine to second port of Suricata Server but still I didn't see any changes.
Can some help on this matter?
the interface should be in promiscuous mode - to see all traffic.
(HOWTO depends on your os)
ifconfig eth1 up
ifconfig eth1 promisc
and check what is defined in suricata yaml who's under $HOME_NET , and what rules files are set, I recommend to take a glance there to better understand why certain rule is fired.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I'm trying to set up a network infrastructure and program a one to many VoIP system.
It will work in a private WiFi network.
We'll have one server streaming audio packets and many clients requesting/receiving those exact same packets (UDP).
I don't want to send the packets point to point, as I want this to scale to as many clients as possible without hitting a bandwidth limit.
There won't be any other machines on the network other than the server and the clients.
Should I be broadcasting the packets from the server? Would they be sent only once and grabbed by many clients without significant bandwidth overhead that way?
Or should I use multicasting?
Broadcast packets go to every client on the subnet attached to your server. They won't travel beyond that subnet.
Multicast packets allow clients on any subnet to subscribe to the multicast,provided intervening routers or layer-3 switches are configured to support multicast.
Will there be any routers or layer-3 switches in this network?
If so, you'll need multicast. If not, you can use broadcast.
From a bandwidth perspective, each packet is sent only once and picked up by every client - there should be little or no difference in the load on the server. The load elsewhere will depend on the network configuration and the number of clients in any remote subnets.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Hello currently im using UDP Messages to communicate my program (Made with Delphi Using IdUDPClient and IdUDPServer) on diferent computers in LAN, but yesterday i had a strange issue, one of the computers was unable to receive messages neither could other computers read his messages, All of the programs use the same UDP Port.
The only solution that worked was Restarting the router, but maybe there is an explication on why that happened?
Thank you.
I guess thats just how UDP works :) Quote from wikipedia:
UDP uses a simple transmission model with a minimum of protocol mechanism. It has no handshaking dialogues, and thus exposes any unreliability of the underlying network protocol to the user's program. As this is normally IP over unreliable media, there is no guarantee of delivery, ordering or duplicate protection.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I am trying to understand the mobile hotspot technology (tethering). Specifically, I am interested in how the devices connected to a HotSpot (via Wi-Fi) access the internet via Cellular network. Here are the specific questions :
I am assuming that internet access over cellular network (say 4G) is accomplished through IPv4 or IPv6 packets. Is this true?
If 1 is true, then how are 802.11 packets translated to form IPv4 or IPv6 packets?
If 1 is false, then which frames are used to access internet over cellular networks? and how are the 802.11 frames translated to form the these packets (cellular data)?
I did read the specification documents available for IPv4, IPv6 and 802.11 but they do not mention this particular (WLAN<->Cellular Data) conversion.
Thanks!
Please
Do
Not
Throw
Sausage
Pizza
Away
Further reading.
802.11 packets are not translated into IP packets, or vice versa. IP packets (layer 3) are encapsulated in Ethernet and 802.11 (layer 2, layer 1) packets.
It is very hard to explain this any further until you have even the most basic grasp of network layers (which you don't have at the moment).