
Questions tagged [sniffing]

Sniffing is the act of passively collecting all network traffic that a machine hears, whether or not it is addressed to that machine. It is commonly performed for network diagnostics, program debugging and troubleshooting, and security analysis.

0 votes
0 answers
29 views

Security Onion VM not picking up traffic from mirrored port

I have the following set up: my PC is connected to two ports on the Netgear switch (2 and 7) via two NICs, and the switch is configured to mirror ports 3 & 4 to port 7. A Security Onion VM on ...
user2850751
1 vote
0 answers
92 views

How can I sniff a USB connection between a PC and a Thermal printer?

I need to develop a hardware and software solution to intercept the communications between a PC - Thermal receipt printer. The protocol between these two is USB, but I don't have any idea of where to ...
frandev
0 votes
1 answer
47 views

How to capture packets with different snaplen for different packets

I'm trying to capture packets to diagnose a network application. There are a small number of packets that I want to capture the entire contents for application level protocol analysis, but a large ...
Evan
0 votes
0 answers
287 views

How to capture packets at the Ethernet layer on a SOCKS5 proxy server?

When I capture packets with tcpdump on an Ubuntu 20.04 VM running a SOCKS proxy server on port 1080, they are often larger than 1500 bytes. My network device has an MTU of 1500, so as far as I ...
try0S
0 votes
1 answer
71 views

Is routing local Wi-Fi traffic through a local wired VPN device any more secure?

I have several devices on a private local network - some wired (e.g. PCs, laptops, SBCs) and some wireless (mobiles, tablets). I have a Raspberry Pi on the same network, connected via Ethernet only, ...
jimjamz
4 votes
3 answers
1k views

Does DNS-over-HTTPS hide domain name of websites from packet analyzers?

A person on the same Wi-Fi network as me is tracking the names of the websites that I visit using tools like Wireshark. Does DNS over HTTPS hide the names of the sites that I visit? My DNS settings are - DNS ...
Gopal S
0 votes
0 answers
603 views

ESP32 DNS tunneling: how to intercept/forward traffic (promiscuous VS httpd VS l2TAP)

Context: I'm often abroad for both work and vacation, and I find myself in situations where internet access is limited or unavailable in many of the countries I visit. While there are often free WiFi ...
jonathan
3 votes
1 answer
17k views

curl: (35) schannel: next InitializeSecurityContext failed - The revocation function was unable to check revocation for the certificate

tl;dr: How can I fix "The revocation function was unable to check revocation for the certificate" when using a custom proxy+cert combination? Can I disable this check somehow for the whole ...
ctote
1 vote
1 answer
97 views

Debugging internet connectivity delay issue

Problem: For quite some time now, I am experiencing hiccups in my network connection, although the speeds are on par with what ISP offers (tested with https://speed.cloudflare.com/). Specifically, when ...
Alexandru Dinu
0 votes
0 answers
139 views

Cannot see HTTP when using Wireshark on two different models of Alfa Wi-Fi adapters

I just upgraded my Wi-Fi adapter from Alfa AWUS036ACS to the Alfa AWUS036ACM and I can tell it's much better. However, I am still not getting the desired results in Wireshark which leads me to believe ...
Lin
1 vote
1 answer
752 views

How does 802.11a,b,g,n,ac and channel factor into sniffing with Wireshark?

I have been playing around with Wireshark lately and am wondering how your 802.11 version as well as channel impact packet capture? If my router uses 802.11a,g,n and ac and my Wi-Fi adapter uses 802....
Lin
0 votes
1 answer
90 views

Will this adapter work with Wireshark?

Will the Alfa awus036acm with mt7612u chipset work with Wireshark 6.0.2 on Kali 6.0.0 for packet sniffing tcp,udp,dns,http,etc? I have seen both negative and positive reviews on it so I'm not sure.
Lin
0 votes
0 answers
448 views

Why is Wireshark not showing any TCP, UDP, DNS or HTTP traffic?

I'm using Wireshark 4.0.2 on Kali 6.0.0 with an Alfa AWUS036ACS and in managed mode with promiscuous mode enabled I don't see any TCP, UDP, DNS or HTTP. If I switch to monitor mode with promiscuous ...
Lin
0 votes
1 answer
293 views

Logging network traffic of a specific app in Linux inside docker, stopping it from reaching the internet and spoofing responses

I have an app (Google's Android Emulator running via QEMU) running on Ubuntu inside a docker instance. I want to: Capture all network traffic (packets) coming from a VM running inside QEMU. Prevent ...
Dex
0 votes
1 answer
272 views

Enabling a diverter in fakenet-ng on Ubuntu Linux disables all network traffic

I am trying to capture network traffic from within a docker container running Ubuntu. I am using Flare's Fakenet-ng for this, as I didn't find any better tool suited for the job (capturing network ...
Dex
