General :: Tcpdump/ngrep Sniff Packet Network Command Lines?

Jun 21, 2011

I would like to know the command lines for:

-detecting the wifi in my house without being connected to it

-getting ips/macaddress from the people connected to the wifi

View 2 Replies



Networking :: Packet Drop Measured By Ethtool, Tcpdump And Ifconfig?

May 20, 2010

I am running a test to determine when packet drops occur. I'm using a Spirent TestCenter through a switch (necessary to aggregate Ethernet traffic from 5 ports to one optical link) to a server using a Myricom card. While running my test, if the input rate is below a certain value, ethtool does not report any drop (except dropped_multicast_filtered which is incrementing at a very slow rate). However, tcpdump reports X number of packets "dropped by kernel". Then if I increase the input rate, ethtool reports drops but "ifconfig eth2" does not. In fact, ifconfig doesn't seem to report any packet drops at all. Do they all measure packet drops at different "levels", i.e. ethtool at the NIC level, tcpdump at the kernel level etc? And am I right to say that in the journey of an incoming packet, the NIC level is the "so-called" first level, then the kernel, then the user application? So any packet drop is likely to happen first at the NIC, then the kernel, then the user application? So if there is no packet drop at the NIC, but packet drop at the kernel, then the bottleneck is not at the NIC?

View 1 Replies View Related

Networking :: Packet Drop Measured By Ethtool / Tcpdump And Ifconfig

May 19, 2010

I have a question regarding packet drops. I am running a test to determine when packet drops occur. I'm using a Spirent TestCenter through a switch (necessary to aggregate Ethernet traffic from 5 ports to one optical link) to a server using a Myricom card. While running my test, if the input rate is below a certain value, ethtool does not report any drop (except dropped_multicast_filtered which is incrementing at a very slow rate). However, tcpdump reports X number of packets "dropped by kernel". Then if I increase the input rate, ethtool reports drops but "ifconfig eth2" does not.

In fact, ifconfig doesn't seem to report any packet drops at all. Do they all measure packet drops at different "levels", i.e. ethtool at the NIC level, tcpdump at the kernel level etc? And am I right to say that in the journey of an incoming packet, the NIC level is the "so-called" first level, then the kernel, then the user application? So any packet drop is likely to happen first at the NIC, then the kernel, then the user application? So if there is no packet drop at the NIC, but packet drop at the kernel, then the bottleneck is not at the NIC?

View 1 Replies View Related

General :: Finding Mac Address With Tcpdump Command?

Dec 10, 2009

When I send any packet to any destination and want to see the MAC address of source and destination, I am using the command tcpdump -qec1, but rather than getting the MAC address of source and destination, each time I am getting the MAC address of the system which is broadcasting. Will anybody tell me how I can get source and destination MAC address even if any other packet is also being broadcast to my network?

View 1 Replies View Related

General :: Modify Network Packet In Wireshark?

Nov 12, 2010

Anyone know a network packet editor for Linux? Or modify network packet in Wireshark?

View 1 Replies View Related

Networking :: Correct Command To Filter Outgoing Traffic With Tcpdump?

May 6, 2010

I have a need to make a rather odd filter in tcpdump: I would like to capture only all those packages on interface eth0 that are outgoing (in other words from IP 192.168.1.1, which is the IP for eth0 in this computer) and don't have src MAC address 11:22:33:44:55:66. However, the following command says that the syntax is wrong:

Code:
tcpdump -n -p -i eth0 src host 192.168.1.1 ether src not 11:22:33:44:55:66

Is this possible? If yes, then what is the correct command?

View 3 Replies View Related

General :: Triming Lines Using Shell Command?

Mar 22, 2011

I have a text file generated automatically from a script, but the result in the script is not ordered in a readable way, so I need your help to fix it using a shell command. The text file contains data in this way:

Code:

0.147361 0.243688 0.081520 -0.446603 1.130529 NC_000846 Chordata
Rheiformes
Aves
0.091740 0.379224 0.021160 -0.088493 3.441356 NC_000857 Arthropoda
Diptera

[code]....

I want to arrange the data in this text file in a way that each line will concatenate the 2 lines after it, so that will be 1 line. I want all the lines to be treated in this way.

View 2 Replies View Related

General :: Multiple Lines At The Command Line?

Feb 22, 2011

I've seen a few tutorials that have commands and parameters on multiple line, like the one below:

Code:
chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

I can copy and paste this in Putty, but what if I want to manually type it? If I press return, the first line gets processed, so how do I insert a new line?

View 4 Replies View Related

Networking :: Make Opnet Guru To Get Data From Tcpdump Tool (command)?

Jan 15, 2011

I have a WAN network that I need to do some analysis on, for the traffic flows. I did lots of googling to figure out what useful tool to collect the packet information. I found this site http://scrutin.wordpress.com/2007/04...-tcpdump/ which I made great use of to recognize the tcpdump tool.
I also have a network simulator on Windows platform which is Opnet Guru (by the way, is there a Linux version for this simulator?).
MY QUESTION IS:
How can I feed the Opnet Guru with the flows data collected with the tcpdump with its different options?
NOTE: in the Opnet Guru environment there is an object called the profile that is being used to customize and generate data flows with the desired characteristics to simulate the real flows. So I need to feed the Opnet with the fresh data collected with the tcpdump tool (command) instead of using the built-in profile.

View 1 Replies View Related

General :: Breaking Long Command Into Lines In Crontab

Oct 14, 2010

How to break strings of command into multi-lines in crontab? e.g.
Code:
# the following is a very long and gruesome command to be run at 09:59 Monday to Friday.
59 09 * * 1-5 source $HOME/some-definitions; sh /usr/local/my/long/name/application/bin/hello $(date +\%Y\%m\%d) >>/var/log/my/long/name/application/log/hello.log

View 2 Replies View Related

General :: Command To Swap Even And Odd Numbered Lines In A File

May 28, 2010

I'm looking for a command to swap the even/odd numbered lines in a file. Example input file:

Code:

1
2
3
4

[code]...

Example output file:

Code:

2
1
4
3

[code]....

I'm sure there's a way to do it with sed, awk, grep and the like but it's been many years since I've used these commands on a daily basis and I can't seem to figure out the correct syntax.

View 2 Replies View Related

General :: Check Version Of Program Using Command Lines?

Jan 20, 2010

How to check the version of a program, in particular geant4, in linux using the command lines?

View 4 Replies View Related

OpenSUSE Network :: Network Not Work \ After Install All Packet On Test Internet / Update Was Error?

Jan 5, 2011

I install from openSUSE-11.3-NET-x86_64.iso. Installation was successful, but after install all packet on test internet / update was error. And after log in in installed system internet not work. I use router with DHCP.

View 8 Replies View Related

Software :: Command To Get History Command Lines And Time In SUSE?

Jun 23, 2009

I have to trace back what command and when it is used for the last 3 months. It is quite urgent as I have trouble with the system configuration.

View 5 Replies View Related

Networking :: Sniff Snmp Traps Being Sent To A NMS?

May 31, 2010

I'm trying to sniff snmp traps being sent to a NMS. I'm setting -s to 0 but when I start sniffing, some of the packets, instead of being decoded, show me messages like this:

Code:
[len1468<asnlen1663]

What is that supposed to mean?

View 4 Replies View Related

Ubuntu Networking :: Send The Keys Or Value As The Packet Data (content Of The Packet) In Ns-2 (for Wireless Environment)

Jul 12, 2010

I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).

View 1 Replies View Related

CentOS 5 Server :: Authenticate/Decrypt Packet Error: Packet HMAC Authentication Failed

Sep 17, 2009

I got a problem with my CentOS server. Somebody told me OpenVPN requires different changes inside my firewall settings. That could be the problem why OpenVPN won't load. I receive this error on my CentOS panel when I'm trying to connect into the CentOS OpenVPN (with my WinXP PC):

Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622

[code]....

View 5 Replies View Related

General :: Delete All Lines Containing A String, Plus 4 Lines Below It?

Jan 26, 2010

I've come across an unusual requirement for a service in my Ubuntu system. Simply put, I need to find a way to search for all instances of a term in a file, delete lines containing that term, and delete four lines below each instance of that term. Either that, or copy the entirety of a file to a new file and skip over all lines containing the term plus four below it. This sounds kinda weird, I know. Without going too far into detail, I either have to change the logfile format for a server I'm running, which is a huge pain in the butt, or I can just run a script to edit an HTML report generated from said logs. (Said report is really just for managers to peruse, and I like my log format, so I'm pursuing option 2.)

View 4 Replies View Related

Networking :: Packet Loss On 2nd Network Card

Jan 23, 2010

I try to set up a local network between 10 (Web) Servers (openSUSE 11.2); each Server is connected to the internet (eth0), which works fine on all servers.

A 2nd NIC eth1 (1GBit rtl-8169) on each Server is connected to a Switch and should function as a LAN. I installed/configured the 2nd NIC with yast, and then added a route for the local network (192.168.20.0) to use eth1. So far everything works (ssh for example), but I have a packet loss of 10%-60% (ping) on the local network, and I can't find the reason for the packet loss. I already installed a Debian Lenny on 2 Servers (just to test) but I have the same problem on Debian.

No firewall or any other application is in the way. With tcpdump I could figure out that the packages are sent but never show up on the destination server.

I put some more information about how I configured the LAN below. I have not done this my first time and from my experience if something is wrong with the network configuration (wrong routing, firewall in the way, etc.) this usually leads to a packet loss of 100% or the destination is simply not reachable.

The 2nd NIC is installed with either yast on suse , or by editing /etc/network/interfaces on debian. The Kernel module rtl8169 is loaded.

They are configured with the following values:

Route is added by:

Output example. of ifconfig :

Output of route (same on all servers):

Output of ping:

View 14 Replies View Related

General :: Get Manual Of Tcpdump?

Apr 14, 2011

How to get manual of tcpdump?

View 2 Replies View Related

Red Hat / Fedora :: Determine Network Interface That Will Be Used To Send Packet For An IP?

Apr 9, 2010

I'm writing to you because I encountered the following problem. My program displays all network interfaces that are available in the system, but I would like to add a functionality in which a user can enter a destination IP address (e.g. the IP address of the Google search engine) and will get information on which network interface will be used to send it. As I know, it is associated with reading information from the routing table in the system. Maybe you know the API (functions/methods) which I could use to do it in RedHat? I program in C/C++, but if you know how to do it in other programming languages (Java, Perl, Python) I will be grateful for any information.

View 4 Replies View Related

General :: Analyse The Output Of Tcpdump ?

Jul 14, 2010

I am trying to analyze the output of tcpdump, but I am unable to figure out what the output is, as I think that the security of my computer would be compromised by this output.

View 2 Replies View Related

Ubuntu Networking :: Packet Loss Pinging Local Network ?

Jan 6, 2010

I'm using kubuntu 9.10 desktop edition as a server and I set the IP statically, what happens is that when I ping it from another machine on the same network, I get intermittent packet loss (up to 80% and sometimes even higher). When I ping any other machine on the local network everything's fine with 0% packet loss. Packets go directly through switch, no router or anything in between.

I suspected wiring issues, but that doesn't seem to be the problem after I changed the wiring. I was connected to wireless and suspected that but no go either. Same thing when I turn wired. I just changed the ethernet card suspecting drivers but that's no good either. Iptables is a cleanslate installation, it's totally empty.

View 9 Replies View Related

Security :: /proc/net/packet Says My Server Is Acting As Network Sniffer - According To NSA Doc

Apr 25, 2011

So, the NSA puts out some handy documentation on locking down a RHEL server (running centos 5.6 x64 myself) here, [url]. Under "Ensure System is Not Acting as a Network Sniffer" on page 63, it says that if any numbers below the first line in /proc/net/packet, that it is acting as a network sniffer.

I get the following output:

Code:

Unless I've been pwned, I don't know exactly what could be causing this. Besides samba, nmap (compiled from source, not from yum), screen, and rtorrent, there's nothing I've installed beyond the fresh install I did a few days ago. I was not running nmap when looking at /proc/net/packet.

View 8 Replies View Related

General :: Tcpdump Filtering Remote Interface?

Jan 28, 2011

I'm trying to capture traffic between two machines, A and B. I would like to make sure that the traffic I capture with tcpdump is between eth1 on the local machine and eth0 on the remote machine. As I understand it, the -i flag specifies the local machine interface - but how to set the remote one?

View 3 Replies View Related

General :: Tcpdump Decode Gzip Packets?

Mar 11, 2010

Does gzip have the capability to decode gzipped traffic? I have been beating my head against the wall with this issue. What I'm trying to do is capture traffic between a web server and clients, and I've got it set up where it's redirected to a file for ease of grepping, however it's seemingly incapable of decoding gzipped encoding. I know I can do this with tshark, I'm curious as to whether tcpdump has this capability (i.e. only using tcpdump, and not some additional tool like tcpshow or what-not).

I can't find much on this issue in the man page for tcpdump, but it is fairly lengthy, so it's possible that I missed something, but I don't see that as especially likely.

View 2 Replies View Related

Programming :: Command To Run Another One On Few Lines

Jul 23, 2010

Is there a command which can be used to run some other command on a few lines from a file or an o/p of some file. (the kind of role that -exec option does for the find command). (I have solved the purpose using a bash loop but would like to know if there exists a command).

View 4 Replies View Related

Ubuntu Networking :: Slow Network Speed / High Packet Loss

Apr 22, 2010

I have problems with my network speed: when I ping my proxy server I end up getting a high packet loss, generally more than 30%. I have tried to use various network monitoring software like etherape, wireshark, tcpdump but I am not able to get to the bottom of the problem. Basically I am trying to find out where the lost packets are going.

View 7 Replies View Related

General :: Capture Packets From Multiple Host Through Tcpdump?

Apr 27, 2010

What is the syntax to capture packets from multiple host through tcpdump

Code:
tcpdump ip host host1|host2|host3|host3

View 3 Replies View Related

Ubuntu :: Run Command Lines On Boot?

Sep 11, 2010

How do I run the following lines on boot?

code:....

/media$ sudo mount /dev/sdb1 /media/mediaStorage1
/media$ sudo mount /dev/sdc1 /media/mediaStorage2

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved