All Questions
60
questions
0
votes
0
answers
74
views
ARP request is successful, but TCP SYN is not visible in output of Wireshark
I was redirected from Network Engineering, hopefully below is in scope of on-topics.
I have a TCP server, its properties are the following:
It runs within a virtual machine (VMware).
The host OS is ...
2
votes
1
answer
768
views
How to explain sequences of FIN,ACK instead of FIN - FIN,ACK?
Context: newly installed Debian 12, I get a bunch of strange logs related to ssh:
root@square:~# journalctl -u ssh -f
May 07 11:13:00 yop-square sshd[766]: error: kex_exchange_identification: ...
- 3,263
0
votes
0
answers
68
views
Wireshark showing packet exchanges with unconnected IPs
Running Wireshark on a PC for network monitoring and I noticed something strange. Application data is being exchanged with websites that are not open in the browser, or on any other device on the ...
- 9
1
vote
0
answers
123
views
Why is TCP connection on Windows machines, retransmitting after receiving a correct ACK from HTTP server
Using two different Windows laptops, one with Win 7 and the other Win 11, I'm trying to connect to the HTTP GUI of a device (cell phone booster) that's connected directly to my laptop through an ...
- 139
1
vote
1
answer
588
views
Retransmission of TCP packets
I have device A (10.10.25.1), which is connected to device B(10.10.25.52) via unmanaged switch. Device A is a computer. Device B is measurement instrument. Device A is continuously(every 1sec) sending ...
- 4,683
0
votes
1
answer
663
views
How to disable TCP SACK in Windows XP?
Device 1 Windows XP. 192.168.101.173, I have access to the application code, but it is massive.
Device 2 Embedded device. 192.168.101.205. I don’t have access to the code or even to logs from this ...
- 3
0
votes
0
answers
73
views
TCP Receiver's Window stop increasing
I'm debugging a high-bandwidth TCP connection whose throughput is significantly lower than the capability of the device and the network. The network between these 2 hosts is expected to be high ...
- 101
0
votes
0
answers
2k
views
TCP Retransmission (TCP Port numbers reused) issues
I developed a web server and this is running on GKE.
Whenever I send any request to this server from my local pc, it occurs TCP retransmission.
Following is captured packets with Wireshark. The red ...
- 111
0
votes
0
answers
428
views
Why does my LAN NIC get a lot of TCP retransmissions and timeouts?
yesterday I recognized that git cloneing repositories from my private GitLab instance wasn't working consistently. My internet connection is fine and I can also visit GitLab's web interface without ...
- 41
7
votes
1
answer
3k
views
ICMP packet with TCP?
For some time now I have found myself interested in packet analyzing and I try to figure out all kinds of stuff that I see in network captures. I hope you guys might want to help me find out this one.
...
- 73
0
votes
0
answers
651
views
How do I stop TCP reset packets?
Full story: This has been quite the odyssee, finding out who is sending these TCP reset packets. The isp pointed me in the direction of the minecraft server, the minecraft server said it has to be the ...
- 101
1
vote
0
answers
264
views
why might nmap on a computer be reporting port 443 as closed on some but not all computers?
When I run nmap event-bridge.twilio.com on roughly half the computers in my network I get this:
PORT STATE SERVICE
443/tcp closed https
When I run it on the other half of the computers in my ...
- 7,232
0
votes
1
answer
1k
views
Where is the iptables MARK location in TCP package?
In my CentOS7 Server, I emptied all the iptables rules, and then add below rule:
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A ...
- 880
0
votes
1
answer
1k
views
What ends a TCP stream?
I am using WireShark and went to google.com. I got 23 TCP streams,23 TCP conversations, 23 handshakes right? I know that the TCP streams end with FIN Flag and that TCP segments are encapsulated in the ...
- 21
0
votes
1
answer
325
views
Device communicates with server through bridge, unable to capture all packages
I'm trying to reverse engineer a device to be able to access its API locally. Currently it is communicating with an online server, where I can log into to see its data.
Set up
The device connects ...
- 113