All Questions
56 questions
0 votes, 0 answers, 27 views
Server sometimes not sending ACK in response to PSH, ACK
We've implemented a TCP server socket in C++ on a Linux machine which is connected to another device, streaming data in small packets at a high rate (800 Hz). To do so without too much latency (which we ...
2 votes, 1 answer, 768 views
How to explain sequences of FIN,ACK instead of FIN - FIN,ACK?
Context: newly installed Debian 12, I get a bunch of strange logs related to ssh:
root@square:~# journalctl -u ssh -f
May 07 11:13:00 yop-square sshd[766]: error: kex_exchange_identification: ...
1 vote, 0 answers, 27 views
802.11 frames get resent by my Linux
My program is sending custom 802.11 frames for WPA handshake, like authentication, association or acknowledgement. Yet the operating system resends the same packet, modifying its radiotap header and ...
0 votes, 0 answers, 36 views
Filename error for TFTP recovery for a damaged embedded device
I have a device that does not start. I connected it to my PC and launched Wireshark.
As you can see below, the device is asking for a file that ends with a semicolon, called recovery; to be uploaded through ...
2 votes, 2 answers, 317 views
Extract the top 5 TCP or UDP flows from tshark sorted in descending order by total bytes
As the question heading states, given a packet capture I want to extract the top 5 flows for TCP (or UDP) sorted by total bytes in descending order.
I have come up with this so far
tshark -r ...
1 vote, 2 answers, 668 views
Send Data Across NICs Using socat
I'm working on a project trying to develop a data diode for unidirectional transfer of data, and I'm hoping to use socat for some measurements. As a first step, I want to use socat to send data from ...
0 votes, 1 answer, 556 views
Extract data from a pcap file
Is there any way to export the data section of all the packets from a pcap file?
For example: the data section according to the image is ffffffff72636f6e203434207174
I tried searching a lot on the web but ...
1 vote, 1 answer, 3k views
Extract Data from pcap file
Is there any way to extract this data (red box in the image below) and save it in a text file from the Linux command line? I tried searching on the web but couldn't get anything related to my issue. I want to drop ...
1 vote, 1 answer, 757 views
tcpdump missing most packets when -w is used
When I use $ sudo tcpdump -i ens160 I can see a lot of noise in my VM. Like 150 packages in a few seconds. Mostly on port 64651. I don't know what that noise is so I am trying to figure it out.
So I ...
0 votes, 0 answers, 3k views
"This application failed to start because no Qt platform plugin could be initialized"
I have created a Kali Linux environment on Windows using Oracle VM VirtualBox 6.1.32. I've been trying to run Wireshark on Kali Linux. But when I type wireshark in the terminal, I get this error. I've ...
3 votes, 1 answer, 277 views
Origin of USBMS packets referring to MS-DOS
I've been messing around with traffic interception over USB (using Wireshark) when I noticed that one MP3 player was sending some odd packets in response to a read request on the first block of the mass ...
1 vote, 2 answers, 2k views
Can a non-admin user sniff network traffic?
Is it possible for a non-administrator/non-root user in Windows/Linux to sniff network traffic?
With no preinstalled third-party tools.
(The user can install third-party tools, but without admin ...
0 votes, 0 answers, 266 views
Wake on WLAN on GNU/Linux on two machines: one works, the other does not
I'm trying to set WoWLAN on two of my Linux machines, but I've only got it working in one of them. Following this tutorial, I've run:
sudo iw phy0 wowlan enable magic-packet
and also added it to /etc/...
1 vote, 1 answer, 237 views
ttyUSBx data stalls, usbmon/wireshark shows data
I am working on developing a sensor platform based on a Raspberry Pi running Raspbian and an analog/digital converter (ADC) connected via USB. The ADC should be providing data at 128 Hz, and does so ...
2 votes, 1 answer, 3k views
tcpdump says "expression rejects all packets"
I want to create a filter which has 2 conditions:-
Filter packets with network. (src net 2a01:111:xxxx::/44)
Filter based on tcp handshake alert messages. (tcp[((tcp[12] & 0xf0) >> 2)] = ...