All Questions
14
questions
0
votes
1
answer
1k
views
How to understand Wireshark ICMP data size
When I send a ping from Linux specifying 8972 bytes, the command output looks like this:
PING 192.168.100.100 (192.168.100.100) 8972(9000) bytes of data.
That 9014 number includes the 8 byte ICMP ...
- 1,265
1
vote
2
answers
11k
views
Ping doesnt work but wireshark detecting ICMP request and reply
I am running into a weird issue and would be grateful if anyone of you can add information.
I have configured two different subnets and as a test. I am trying to ping one machine at 10.10.11.9/30 (on ...
- 11
1
vote
2
answers
1k
views
What is the character sequence in "Data" that is shown when you capture the ping command in Wireshark?
In all my ping captures I have this abcdef... sequence in "data", is there something relevant about it or is it just dummy data? Is there any purpose of it other than measuring round-trip ...
- 147
0
votes
1
answer
808
views
Interpreting Wireshark output for a ping test between two machines
Full disclosure: I am a student, and yes, I am working on a lab report for my Internet Security course, but this is not a direct lab question- I'm just curious to understand more about the outputs I'm ...
- 103
6
votes
1
answer
1k
views
Why does the 2nd ARP request wait until the pings are over to show up?
This problem was presented to me by one of my professors because it only happened after switching from 100Mb cards to Gigabit NICs. The second arp request that comes from the computer being pinged (to ...
- 61
0
votes
0
answers
378
views
High ping time to router causing lag (Wireshark files included)
I'm trying to get my WIFI stable, but it seems like the ping to the router fluctuates from time to time.
Sometimes i get <3ms for hours, other times i have unstable ms from 20 to 1500ms.
Ive ...
- 101
2
votes
0
answers
742
views
ARP requests sent on different subnets
I am quite confused with an experiment I made at home. I have two computers, say A and B:
A and B are connected (ethernet) to the same private network (with a gateway to the internet) 192.168.1.99/24 ...
- 165
0
votes
2
answers
962
views
Wireshark does not display ARP frames before ICMP frames on a ping request
So far I know that if Wireshark does not display ARP frames before ICMP frames, it's usually because there are ARP requests in the cache.
I did check the cache and deleted any ARP data in the cache:
...
2
votes
2
answers
7k
views
What causes dropping of ARP response packets in a wireless network?
I have a network of wireless access points (APs) in my local area network (LAN).
Some PCs in the network can get ping responses from some other PCs/devices in the network but not some others. I have ...
- 347
1
vote
1
answer
1k
views
Ethernet Data Traffic hidden from Wireshark capture
I have a puzzle I am not able to figure out, I would appreciate any help.
I am connected to a remote desktop using windows default remote desktop utility (Windows 8 locally, Windows 7 remotely).
The ...
- 111
0
votes
0
answers
326
views
Wireshark Capture Filter
I am new to wireshark and I am trying to capture an ICMP packet over 802.11g, I am using windows and pingplotter. The issue is that on wireshark capture I am not getting any ICMP packets no matter how ...
- 101
1
vote
1
answer
4k
views
Why isn't Wireshark showing high layer packets like ICMP/IP/UDP? (Only broadcast packets are shown)
I am using Wireshark for 802.11g sniffing. The AP is not using any encryption. These are my observations:
The vast majority packets are beacons and the probe requests.
If I filter out beacons using ...
- 253
4
votes
2
answers
11k
views
Why does a PING reply require an ARP request for the originating hosts MAC?
I have a scenario as depicted below.
Here two host machines are connected via a hub:
Ok, so host-1 wants to ping host-2 and i have setup wireshark on a 3rd host connected to the same hub. Now ...
- 149
6
votes
3
answers
19k
views
Why can't Wireshark read packets from ping?
I have Wireshark started, then I ping an IP address.
But Wireshark is not picking up any packet sending to or receiving (echoing) from the destination address.
Why? Is ping "protected" from being ...
- 2,019