I am trying to create a RAS server in XP Pro. The idea is to log in to this server via a dialup connection. I have set up a new network connection via the New Connect Wizard in XP - according to this tutorial on techrepublic.
I am sure that the modem and the connection are working; I have tested it.
However, I want to monitor incoming network traffic on this connection. So I thought I would use Wireshark. The problem is that Wireshark does not list this incoming connection on the front page. It lists all my other network connections (e.g. my Ethernet connection) but not this one.
What's the best way to monitor traffic on this connection?
Wireshark should be able to capture the traffic on your connection. I would check the protocol you're using for communication and make sure that Wireshark is monitoring those protocols. Also, I would make sure that Wireshark is actually capturing traffic on your dial up device. It sounds like it's currently monitoring your NIC card, not your modem.
I recently found Microsoft Network Monitor and it has the ability to sniff on a dialup adapter with Vista or Win7 as the OS. Works great!
According to this Wireshark wiki page, you must use WinPcap 3.1 to be able to capture traffic on dial-up modems.
I am trying to see the network traffic of my mobile device in my home WLAN network. I opened Wireshark, listening on the WLAN adapter, and entered `http.request.method == "GET"` into the Wireshark filter.
All I can see is the requests from my laptop and not those of my mobile device.
If I enter `ip.addr == 10.0.0.30`, I can see the protocols BJNP, ICMP, IGMPv2 and so on.
What is the reason for this behavior?
In my opinion, if I can see a TCP/IP protocol, it should also be possible to see an HTTP request.
There are two things that need to happen in order for you to be able to sniff TCP traffic from another device.
1. Your device needs to receive the traffic you want to analyze, and
2. Your device must be configured in "promiscuous mode".
If promiscuous mode is disabled (which is the default), packets not intended for your laptop will never make it to Wireshark. They will instead be filtered out by your network adapter.
There are cases where this is not enough, for example, if you connect to a network with a layer 2 switch.
The first thing you need to ensure is that your network adapter is set to monitor or promiscuous mode, otherwise you just won't be able to see packets not meant for your NIC. Also, set your computer as an access point, and connect your phone to said access point.
If you're going to sniff HTTPS traffic, don't forget to add your own certificate to the phone.
I have a basestation (beaglebone running linux) at my home which is connected to multiple cameras. I connect my iPhone iOS9 to the basestation via TCP and the basestation will stream the video of each camera to a specific UDP port. All is well.
I want to be able to see the cameras when I am not connected to the local network. When my phone is connected to LTE, I have the iPhone connecting to the public address of my router via TCP and with port forwarding, all data is forwarded to the basestation. I am connecting and talking just like it was on the local network with the TCP client. All is well.
The problem is when the video is streamed via UDP on a specific port, no different than when on the local network, the basestation has no problem sending the packets, but the iPhone is not receiving anything. I am using GCDAsyncUdpSocket and my cellular carrier is Verizon.
I am wondering if this issue is due to Verizon blocking UDP packets? Or possibly there needs to be something else done other than just binding the iPhone UDP socket to a specific port and calling the beginReceiving function. I feel if it works on the local network, it should work on the cellular network.
I have also tried to ping the address of my cellphone from my computer which does not work. I am guessing the reason is because the iPhone has blocked this. It should be no different than pinging the address of google or anything else.
Please give me some insight on the possible issues or workarounds. I don't think I need to port forward the UDP since it is only outgoing and my Netgear router does not limit any outbound traffic (from the router to the iPhone). I was doing all this over TCP before trying to send the video via UDP. It is much slower waiting to receive acks for 5 cameras streaming live video. And when it doesn't receive a packet it backs up the buffer and causes more issues. Also I had an issue with the TCP packets combining together so then I had to implement some kind of custom ack which made the delay worse, or add an end of message, but then it slows down on parsing and since I don't know exactly what data is coming it made things more difficult.
UDP is the way to go, I just cannot receive the packets at this time. My understanding is a lot of games use UDP and they work on the LTE network, so I'm not quite sure what the problem is. Are there special UDP ports that only work with Verizon?
I want to use Wireshark to check which network users are using port 59666 for downloads. Is it possible to use Wireshark, and how would I begin to do this?
It may be possible to do this with wireshark, but it may require you to adjust your network topology to achieve this.
Firstly you need to decide where to run wireshark.
Wireshark can only tell you about network packets that it can see. To assist, wireshark can put the network card into promiscuous mode, but if the network card is connected to a switch, the switch will not send other network packets to you - so wireshark cannot report on them.
If your users are connected using wifi, then you can run wireshark on a wifi adapter and inspect all wifi network packets from all users on that wifi network. You may also install wireshark on a computer operating as the router / firewall, and inspect all the packets there.
The final option depends on your switch hardware. On managed switches it is usually possible to duplicate all network traffic to an additional port. That would allow you to connect your computer to this port, and then run wireshark on this network connection.
When you are receiving the wireshark trace, set up a filter for the ports you are interested in, and wait for your users to send packets. Inspect the packets, and you will see the source IP address. You now need to translate this IP address to a physical computer (DNS / DHCP servers may help with this).
Depending on your computer environment, tracking it down to a single computer may not identify an individual responsible. Someone could have left a torrent running in the background and someone else could have logged onto and used the machine.
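The port filter and source-address step from the answer above can also be run offline against a saved capture. This is an added example, not code from the original answer: the function names are hypothetical, the sample frames and addresses are constructed, and it assumes a classic little-endian pcap file with Ethernet framing.

```python
import struct
from collections import Counter

def talkers_on_port(pcap: bytes, port: int) -> Counter:
    """Count packets per source IPv4 address whose TCP/UDP src or dst port matches."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet frames")
    counts, off = Counter(), 24                      # 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl_len, _ = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                 # truncated or not IPv4
        if struct.unpack_from("!H", frame, 20)[0] & 0x1FFF:
            continue                                 # later fragment: no port fields
        l4 = 14 + (frame[14] & 0x0F) * 4             # Ethernet + IP header length
        if frame[23] not in (6, 17) or len(frame) < l4 + 4:
            continue                                 # only TCP (6) and UDP (17)
        sport, dport = struct.unpack_from("!HH", frame, l4)
        if port in (sport, dport):
            counts[".".join(str(b) for b in frame[26:30])] += 1
    return counts

def _frame(src: str, dst: str, proto: int, sport: int, dport: int) -> bytes:
    """Constructed frame: Ethernet + minimal IPv4 header + the two port fields."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport)

def sample_pcap() -> bytes:
    """Constructed capture: two hosts touching port 59666, one unrelated HTTPS flow."""
    frames = [_frame("10.0.0.5", "203.0.113.9", 6, 51000, 59666),
              _frame("10.0.0.5", "203.0.113.9", 6, 51000, 59666),
              _frame("10.0.0.7", "198.51.100.4", 17, 59666, 6881),
              _frame("10.0.0.8", "192.0.2.1", 6, 40000, 443)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for ip, n in talkers_on_port(sample_pcap(), 59666).most_common():
        print(ip, n)
```

Wireshark saves pcapng by default, so a real capture has to be saved in the classic pcap format before this parser will accept it.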
If I have an iOS client and an embedded device that I want to communicate between the two with a WiFi connection using UDP, do I need to write a server (python or something) to facilitate the connection? I am trying to look online but there are a lot of ambiguous articles.
Thanks
You'll have to write a server application for the device (iOS or embedded) that will be listening for data.
However, for a simple, single-client UDP connection, your server is basically just a UDP socket, which you bind to the port you want to use - and then start listening for data on. You don't need any connection-handling as UDP is connectionless.
On your client, you just send data to the IP and port of your server, and that's it.
I've done this myself, connecting my iPod Touch to a small ITX computer (running WinXP), to control a small mobile robot over WiFi.
Ideas:
1. Pinging all my subnet (using simple ping etc.)
2. Sending GET to all IPs in my subnet? (may be too slow) Waiting for 200 or 404 reply.
Thanks
Can you program your ethernet device to respond to Bonjour (mDNS) requests? That's the preferred discovery mechanism in the OSX/iOS ecosystem. avahi is an open-source mDNS daemon you might be able to run if your device runs a UNIX-like OS. You might also be able to find or write an embeddable mDNS server that you could integrate into your server if you're not running an OS as such.
Otherwise, I'd probably go with a custom broadcast UDP packet that the device will respond to. (which is basically what Bonjour/mDNS does, but less general) To send a broadcast UDP packet, open a UDP (datagram) socket and send a packet to the local subnet's broadcast IP. Make the packet contents suitably unique, and get your device to respond, e.g. using an HMAC, to avoid picking up any other devices or daemons which coincidentally answer on the same port.
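A sketch of the broadcast discovery with an HMAC-checked reply described in the answer above. It is an added example, not code from the original answer: the `DISC1` tag, the message layout, the function names and the pre-shared key between client and device are all assumptions.

```python
import hashlib
import hmac
import os
import socket

MAGIC = b"DISC1"   # hypothetical protocol tag, not from the original answer
NONCE_LEN = 16
TAG_LEN = 32       # HMAC-SHA256 output size

def build_probe() -> bytes:
    """Client: magic plus a fresh random nonce, so an old reply cannot be replayed."""
    return MAGIC + os.urandom(NONCE_LEN)

def build_reply(key: bytes, probe: bytes, device_id: bytes):
    """Device: answer only well-formed probes; return None for anything else."""
    if len(probe) != len(MAGIC) + NONCE_LEN or not probe.startswith(MAGIC):
        return None
    nonce = probe[len(MAGIC):]
    tag = hmac.new(key, nonce + device_id, hashlib.sha256).digest()
    return MAGIC + tag + device_id

def verify_reply(key: bytes, probe: bytes, reply: bytes):
    """Client: return the device id if the tag covers this probe's nonce, else None."""
    if len(reply) < len(MAGIC) + TAG_LEN or not reply.startswith(MAGIC):
        return None
    tag = reply[len(MAGIC):len(MAGIC) + TAG_LEN]
    device_id = reply[len(MAGIC) + TAG_LEN:]
    expected = hmac.new(key, probe[len(MAGIC):] + device_id, hashlib.sha256).digest()
    return device_id if hmac.compare_digest(tag, expected) else None

def discover(key: bytes, port: int, broadcast_ip: str = "255.255.255.255",
             timeout: float = 1.0):
    """Broadcast one probe and collect (address, device_id) for each valid reply."""
    found = []
    probe = build_probe()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.settimeout(timeout)
        s.sendto(probe, (broadcast_ip, port))
        try:
            while True:   # stops once no datagram arrives within `timeout`
                data, addr = s.recvfrom(512)
                device_id = verify_reply(key, probe, data)
                if device_id is not None:   # unrelated daemons on the port are ignored
                    found.append((addr[0], device_id))
        except socket.timeout:
            pass
    return found
```

The device side is a UDP socket bound to the same port that passes each datagram to `build_reply` and sends any non-None result back to the sender's address.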
This is a pure IP networking question. What you want to do is to send a TCP/IP broadcast message to the network and have your custom device respond to it. See TCP/IP Guide for some basic details.