Packet analysis, also known as network traffic analysis, is the process of capturing network traffic and inspecting it closely to determine what is happening on the network. It provides the details of network activities and their communication patterns in a network.


4 votes, 2 answers, 141 views

Monitoring without Port Mirroring

A quick overview of the problem: We've been experiencing some issues with our bandwidth usage lately which I fear may be due to misuse (whether intentional or not) of our internet in the office. I ...

0 votes, 0 answers, 14 views

OS X: how to make it reply to “ICMP time stamp query”? [migrated]

As per another question, I'm using hping --icmp-ts to send the ICMP time stamp requests to debug asymmetric routes. It seems like my OpenBSD box generates time stamp replies by default without any ...

1 vote, 0 answers, 41 views

Summarizing the growth speed of TCP window size with delay ACK option

I'm new to this exchange community and this is my very first question. I'm reviewing TCP and I would like you to help me, if you can, in understanding the following. While in a normal scenario we ...

8 votes, 3 answers, 411 views

Does a traceroute/tracert show every hop, or does it skip/hide some details of the path?

I am currently in college for a bachelor's degree in Network Engineering, and one of my Professors explained in class that a traceroute that shows, for example, 15 hops is actually abstracting the ...

7 votes, 1 answer, 93 views

Will WireShark assume packets are DUP or Retransmitted?

I have a SPAN on two different switch ports which are going to the same sniffer. Host A's connecting port is SPANed, and host B's connecting port is SPANed as well. Because it's a router on a stick ...

5 votes, 1 answer, 171 views

Broadcasting wifi packets without a network

I have a question about Wifi, I couldn't find the answer anywhere. Is it possible to send a packet over wifi without having joined any kind of network (ad-hoc or not)? I would like to be able to ...

8 votes, 3 answers, 387 views

Packet sizes in a TCP stream

I'm network traffic and wish to divide each TCP session into a series of requests and responses (the protocols I'm working with all work that way, like HTTP or SSL). I had a simple assumption ...

1 vote, 1 answer, 368 views

Packet sniffing promiscuously on MacBook Air

I'm on a MacBook Air, and I got a book from the library about wireless network security. I've been following pretty diligently, but it seems like no matter what I do I cannot capture packets of other ...

2 votes, 0 answers, 49 views

Parity error on PTF Card affecting Windows Devices only [closed]

So, here is the situation. We had two head ends where all subscribers to this head end, using windows AND sitting behind a wireless router or gateway, were unable to get online. Windows computers ...

5 votes, 1 answer, 242 views

Wireshark Filter - OSPF Database Description Link State ID

Within Wireshark, how would one write a display filter for the IP address of the Link State ID within an OSPF Database Description packet? The Link State ID addresses are found within the LSA Header ...

7 votes, 1 answer, 144 views

packet capturing

I am having a hard time understanding certain terminology and setup when it comes to packet capturing. Example. At my company we use NetScout and the various services such as PFS (Packet forwarding ...

22 votes, 3 answers, 1k views

Why do network taps have four ports?

I've been looking at a hardware network tap like this one to replace a pseudo-permanent SPAN that's been running on a Catalyst switch. All the taps I find have four interfaces: A, B, and two output ...