I am running wireshark on my laptop. It is only showing me the packets addressed to and from it, and broadcast packets. I am running it in promiscuas mode, and in iwconfig set the interface to mode monitor. However it can still not see packets from my other laptop. They are in the same room, both wirelessly connected to the same network.
View 2 Repliesenable packet injection on ubuntu. My card was perfectly running fine(though monitor mode and packet injection not working).I had got bcm-sta wireless drivers installed.
When i run lspci --nn command, i found out my driver to be as below::
Code:
Network controller [0280]: Broadcom Corporation Device [14e4:4727] (rev 01)
when i run " airmon-ng "
it displays
[Code].....
I need to get packet injection working desperately. Also , do i need to patch my drivers or something like that?
I'm familiar with ethereal, but I really wish there was some way that I could get whole, complete files out of it. For example, if I'm running the ethereal and I watch a ..... video, the sniffer would produce the .flv file that I just watched. Is there some kind of program that can produce whole files from ethereal capture files? I found a program for windows that does exactly this called "langrabber" but I really want to be able to do it on linux.
View 2 Replies View RelatedI am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).
View 1 Replies View RelatedI need a utility to record the traffic on a particular TCP port. I know there are packet sniffers that can do this, but I don't need to monitors the wire, just the traffic to and from my own computer. I would assume there is something out there that can hook into the TCP stack and copy the data to a file just before/after it goes out/in, but my google fu has failed me.
View 6 Replies View RelatedI have configured NFS Server on CentOS 5.2 with IBM Web Server,which is having AIX 5.3 The IBM Web Server can upload all data onto NFS Server. Now, Today i was having slow response on IBM Web Server & by measuring the NFS, i found below error while running "tcpdump" command on CentOS Server.
tcpdump -n -i eth1 | grep 2049
18:36:37.237451 IP 10.100.19.241.2049 > 10.100.19.88.1758143293: reply ok 1448 read [|nfs]
18:36:37.237476 IP 10.100.19.241.2049 > 10.100.19.88.539981409: reply ERR 1448
18:36:37.237481 IP 10.100.19.241.2049 > 10.100.19.88.796287348: reply ERR 1448
[code]....
I have changed Network Card in CentOS. All LAN is on Gigabit Network. Also I have changed the Network Cable(Patch Cord). But,still no response.
I got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):
Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
[code]....
I have kubuntu 9.04 installed in my computer and I am normally using a Gnome environment desktop (though I get back to KDE or Xfce if I have any troubles with Gnome)
This afternoon I restarted my computer and since ever I am unable to log in. I press the on button, get to the partition page and select Ubuntu 9.04 and the computer shows the login page
however, once I type in my password, the computer tries to log in but then brings me back to the login page asking for the password again. I have tried to login as Xfce, Gnome, KDE, Failsafe mode and the result is the same. The only way to get through is to login through the terminal, but then I am unable to get back to the graphical mode.
The first time I started F15 the following notice appeared (approx.: I have translated it from spanish):Quote:Unfortunately GNOME 3 failed on having started and it is now in alternative mode. It probably signifies that your system (graphic hardware or controller) is not capable of executing GNOME 3 complete.Computer data: AMD Athlon XP 2400+ 2,01GHz; 1.5 GB RAM; ATI Radeon 9200SE. Fedora 15.I have checked in several pages of the net that Radeon 9200SE is able to support 3D.I should like to modify the Open Source Xorg to enable the 3D mode (not to install the proprietary drivers, this will come later if there is not another solution), but I don't find the /etc/X11/xorg.conf. There is the /etc/X11/xorg.conf.d
View 10 Replies View RelatedUbuntu Community, I have just switched to ubuntu 9.04, from openSuse.
Am programming with bluetooth. I get the following error. code...
i booted up my Ubuntu 10.04 and at the login promt I changed from GNOME to xterm session. Then i logged in and opened my programs and it didn't have the gtk theme enabled that i have when I start my ubuntu in GNOME session mode. How do i enable gtk themes there so everything looks pretty again? I like starting from xterm because it's very fast..
This is how it looks, notice the ugly buttons and everything... the gtk theme is not loaded and i don't know how to enable it..
[URL]
And here i will show you how it should look and how it normally looks with the gtk theme loaded up... basically i would like it to look like this even when i start it from xterm..
[URL]
Really, I would like to know how i can enable gtk themes when I run my computer in xterm session mode. Is there another application that i have to run? I don't want to run the full GNOME environment, i really don't.
I have recently started using Ubuntu, so far I am quite satisfied with the switch in OS. This time my question has more to do with privacy, govt. sniffing of private/personal communications, Internet censorship and what to do about these issues. I live in a South American country where the govt. wants to impose Internet censorship such as the one currently in place in Iran, Cuba or China. They plan to set up a single node for all Internet communications out-going and in-coming. I would not be surprised if they are already monitoring people`s communications illegally.
1. what can be done to avoid being censored? they will be able to monitor my email accounts, facebook, twitter and so on. They want to force the Internet Service Providers and telecom companies to censor their users, since those companies will be responsible for the content of the emails, sms, tweeter messages, etc.
2. What can I do to avoid their censorship of certain contents which are critical of the govt. or contrary to the regime`s views? I need to be able to read what other people are saying beyond the borders of this country. We can`t tolerate living with this ban. Certain contents coming from abroad will be blocked.
3. How can I protect my email and bank operations? Is a proxy server an option? I really don`t know what a proxy server is, how much it would help us avoid govt. sniffing in private matters for political reasons.
4. what additional measures can be taken? is using encrypted messages an option to communicate with my relatives in order to prevent the govt. from reading my emails?
changed terminal into raw modecfmakeraw(&termios);After that terminal no more captures CTRL+CIs there a way to enable CTRL+C (to terminate the program) while still have RAW mode?
View 3 Replies View RelatedI have 3 Dell Precision M4400 machines. After getting updates yesterday or today, I get random network dropouts like crazy, on wired or wireless. On one machine I was able to turn off ipv6 in grub and reboot, and it works now. However on the other 2 machines, still have the same problems. All 3 are running 9.10 64 bit. Is there a way I can back out the updates so the network works again? Anyone else see this behavior after updates today?
View 2 Replies View RelatedI ordered this USB 802.11n dongle for about $10 and am having problems.I found a firmware related bug (Bug #595455) that keeps it from working out of the box and got around that. I put the right firmware file in the right place and CAN CONNECT TO B or G Access Points.hen I put my AP in N-Only mode, I can see the network, but cannot associate. With the AP in mixed mode I can Associate using G.The most interesting thing I found was something that had very
few google hits (like 4). In the dmesg output after associating I see the message:
Successfully associated, ht not enabled(0, 1)The most interesting thing about this is the (0, 1) at the end.I don't know what that means but it seems like a clue as to what the problem is.This device uses the realtek chipset 8191S, there are conflicting reports on this, but all the reported possibilities seem to use the same driver from realtek (rtl8712_8188_8191_8192SU_usb_linux_v2.6.0006.2010 0625).Here is some random info:
Dmesg output:
[85082.620027] usb 1-3: new high speed USB device using ehci_hcd and address 6
[85082.754586] usb 1-3: configuration #1 chosen from 1 choice
[85082.755456] ==>ep_num:4, in_ep_num:1, out_ep_num:3[code]........
We are running squid as a proxy server having almost 170 users.The clients are using windows and after observing more than once there are some users that are sniffing on the network using maybe some sort of sniffing tool. Now can any body recommend some anti sniffing tool that can help us in detecting that culprit. Any software linux or windows based will I have tried wireshark if someone recommends that then please give some detailed tutorial on wireshark.
View 8 Replies View RelatedI am in a hub(with switches and rooters) and i want to spy what packets everyone receives! if can i do this and if i can which tools i can use?
View 6 Replies View RelatedIf I am sniffing with TCPDUMP or tshark, I have an issue. If I specify a host to watch, I get no packets back, but if I don't specify a host, I get all traffic, including the host traffic I was filtering for the first time. ?? IE: If I: tcpdump -vnnXs 1514 -i bond0 I see all traffic and traffic to x.x.x.x But if I: tcpdump -vnnXs 1514 -i bond0 host x.x.x.x I see no traffic.
View 1 Replies View RelatedI am just starting my adventure into Ubuntu. After installing and configuring Shrew Soft in Ubuntu 10.04 64Bit, I am having some serious packet loss issues. The LAN is wireless, however the only packet loss I experience is over the tunnels. I have tried different algorithms, and it seems as I fiddle with the MTU client side, it clears a bit, but the best I have managed is 23% loss average.
View 2 Replies View RelatedI am trying to simply address translate TCP packets from one destination IP to another destination IP (DNAT?) without getting the initial SYN packet. Is this possible? I do not think it is with DNAT since the conntrack needs SYN first.
I have given the command:
The problem is that the first packet that matches this rule will be the SYN-ACK and I suspect it is simply DROPPED.
I am sparing you the gory details of why I would do such a silly thing, but simply put; I need to intercept client-to-server packets through a tunnel, but allow server-to-client packets to follow through the regular network.
I have been working on this for many days w/o success and my learning curve is still steep. I can provide more details as needed.
My question is about the raw MX reply package structure. I've read the RFC and all relevant pages I could find, but I couldn't figure this one out. Say we do a google.com MX query.
The first answer (just the rdata part) will be: google.com.s9b2.psmtb.com But in the raw package, instead of the .com, you have c0 13. Then for the second answer, google.com.s9b1.psmtb.com, the raw package has, instead of psmtb.com, just c0 3a. So is the part after c0 a pointer towards another part of the message? Or what does it stand for exactly? I am puzzled by it, and don't know exactly where to ask... some of the networking people here might have a good idea.
From all the stuff that can enter an interface, how does it know when an IP packet has been *formed*? What if it's just random garbage entering there for whatever reason? Also, can Linux do other protocols besides TCP/IP? This would be the problem, as I said above.
View 2 Replies View RelatedIn application udp port listening with 3330 i am sending udp request from port 0.0.0.0:3330 to 0.0.0.0:3330 that is same port in the same machine....application works fine udp sending and receiving also fine.....for clarification ....is there any conflicts in the communication ?
View 2 Replies View RelatedI manage a small home network of 5-6 PCs and other devices. One of the PCs is used as a multipurpose server, as well as the gateway to outside.
Sometimes, I need to know what traffic goes in/out of my network (for troubleshooting, etc).
Is there a quick and dirty way to forward a copy of all the packets on the external interface to my own ip when I want to?
I got a new X201 which is running Ubuntu 10.04. While at home, everything is fine, at work, I encounter some issues with wireless. the signal cuts in and out repeatedly.Here's the output of ping. I set it to ping a server every 90 seconds, 10 times. So this is a snapshot of 15 minutes of network activity...
Code:
PING (REDACTED) bytes of data.
64 bytes from (REDACTED): icmp_seq=1 ttl=252 time=1.50 ms
64 bytes from (REDACTED): icmp_seq=2 ttl=252 time=2.13 ms
64 bytes from (REDACTED): icmp_seq=3 ttl=252 time=1.38 ms
[code]....
Also I tried this (from a 2 year old thread which was most relevant solution I could find):
Code:
Changing AVAHI_DAEMON_DETECT_LOCAL=1 to AVAHI_DAEMON_DETECT_LOCAL=0 in /etc/default/avahi-daemon has got rid of the irritating pop-up. Basically, every 5 minutes or so, for a solid 60 seconds or so I get no signal. I've tried updating the kernel, and doing apt-get remove avant-daemon, but still have problems.
Does ubuntu have anything similar to window's program Cain & Abel for wireless packet capture?
View 1 Replies View RelatedI would like to pose is very specific to a system I'm assembling. I have ask for assistance from other forums and people, however the answers receive were too vague to implement.
As for my background, I am a network user able to write TCP Linux client/server applications quite easily. At a Linux system level I do not understand the necessary combination of applications and services to affect the following;
Network components;
- WiFi access point/router with four ethernet ports
- Laptop (user computer) cabled directly into the access point via a physical cable
- Second computer running Ubuntu 10.04, with one WiFi (wlan0) and one ethernet (eth0) interface. Eth0 is configured as a DHCP server with the following;
IPaddress 192.168.252.1
broadcast 255.255.255.0
Eth0 is physically connected to an IP camera via a Cross-over cable. The camera is configured as a DHCP client. This connection works perfectly from the Linux box with a KVM attached.
Wlan0 is connected wirelessly to the access point and the Laptop can access the Linux box and vice versa.
My objective is to have the
- Laptop via the access point/router connect directly to the IP camera on the Linux box via the wireless link.
- I would prefer not to make any configuration or routing changes/entries on the access point/router.
The type of response I'm looking for;
- is this possible at a macro level
- what facilities/server are required on the Linux box (I would like all configuration applied to this computer only)
- what commands need to be executed and in what order. If possible a brief explanation of why the command is needed and where it fits in the grand scheme of the solution.
This is probably a gigantic request outside what the forum usual activity.
I have a machine with two network cards running linux mint 8 XFCE (which is compatable with Ubuntu Intrepid Ibex). eth0 gos out onto the network propper, has a static IP address of 10.10.10.10 and serves DHCP requests for the 10.10.10.x subnet.
eth1 is pluged into a PPPoE concentrator, and has a static address of 192.168.0.1 (I would have left it alone but pppoeconf wouldn't work unless it had an address).
ppp0 is the piont to piont over ethernet conection that is corectly created when I run pon. I have both guard dog and guide dog installed but they are both disabled.
Now, the weird part: I can ping the IP number of the machine at the other end of the pppoe conection (when it changes I can still ping the new number), the local IPs (10.10.10.x), but *nothing* else not even the DNS servers passed to the machine during ppp conection which are in the same sub net as the machine I can ping.
When I try to ping or trace the route I get an error message like: reply from 10.10.10.10: desination unreachable There is nothing wrong with the network at the other end, as I can make an Identical PPPoE connection from other machines on the network if the the concentrator is pluged into the hub (a rather unsafe place for it to be) and it all just falls into place.
What seems to be happening is that the machine is treating eth0 rather than ppp0 as the internet gateway, and passing the packets round in circles.
I wrote a program for transmitting an UDP Packet. It is properly received in Fedora core 2 machine while its not received properly in Fedora 12. I tried using Wireshack packet capture software which shows the protocol as DIS. Is there any service or setting i need to do for identifying the packet as UDP.
View 2 Replies View Relatedhow to identify the icmp packets & marking. this below icmp packets marking is not working.
iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN
with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine
iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN
iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN