Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: network sniffers

network sniffers 13 years 2 months ago #113

  • adekker
  • adekker's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
after performing a capture using a sniffer and you discover that no traffic has been captured what is the most likely problem
The administrator has disabled public write access.

network sniffers 13 years 2 months ago #114

  • Chris
  • Chris's Avatar
  • Offline
  • Administrator
  • Posts: 1446
  • Thank you received: 13
  • Karma: 8
Adekker,

The problem could be anything from drivers to problematic program. It's really hard to pin point the exact cause without having access to the machine.

Check to see if there are and special filters enabled, causing the sniffer not to catch any data. What sniffer program are you using ?

You might also want to check their website for any patches or know issues the specific version you are using might have.
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
The administrator has disabled public write access.

Re: network sniffers 13 years 2 months ago #641

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
You also might check to see if your NIC has Promiscuous mode. If you have a newer card, this probably is not a problem as most have it. The older cards didn't necessarily have it.

Also, are you on a switch? If you are, then you won't see any traffic except what is going and coming from your workstation (unless you have a switch that supports port mirroring).

If you have a switch and know which machines you want to watch, hang a hub on your switch and put the machines you want to watch along with the machine that has you Protocol Analyser on it.

Tom.
Thanks,

Tom
The administrator has disabled public write access.

Re: network sniffers 13 years 2 months ago #643

  • Chris
  • Chris's Avatar
  • Offline
  • Administrator
  • Posts: 1446
  • Thank you received: 13
  • Karma: 8
TFS,

I never was aware that the older nic's didn't support promiscuous mode!

Well, atleast every card I have tried a sniffer, seemed to work in that mode.
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
The administrator has disabled public write access.

Re: network sniffers 13 years 2 months ago #647

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
No, some didn't, especially token ring cards. I still have some in my garage that don't. I'm talking real old.

It used to drive me crazy trying to find cards that don't. Network instruments used to have a page describing the ones that do and the ones that don't and you had to order the cards instead of going to your friendly neighborhood computer store to get the high end cards as they were a little more expensive.

Even now, most ethernet cards will tell you number and type of errors, but not the stations that created the error. Network Instruments has a specific card that will do this. Token ring cards never had that problem as you always knew the upstream and downstream addresses.

A lot of this apparently had to do with processing power of the computers. If the NIC card passed all the packets from the network to the computer, it would overload the machine. So if the card had this mode, you would have to go into properties and set it on, as it was normally set to off. Now, I believe all the cards have promiscuous mode (also known as statistical gathering mode) and promiscuous mode is set to on and it is not an option anymore.

Tom.
Thanks,

Tom
The administrator has disabled public write access.

Re: network sniffers 13 years 2 months ago #650

  • Chris
  • Chris's Avatar
  • Offline
  • Administrator
  • Posts: 1446
  • Thank you received: 13
  • Karma: 8
No, some didn't, especially token ring cards. I still have some in my garage that don't. I'm talking real old.

Oh boy .... your really showing your age now :lol:

Hehehe
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.082 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup