Search Results

Search found 16644 results on 666 pages for 'traffic management'.

Page 430/666 | < Previous Page | 426 427 428 429 430 431 432 433 434 435 436 437  | Next Page >

• Processing incorrect mac addresses from 802.11 frames with pcap

  - by Quentin Swain

  I'm working throurgh a project with pcap and wireless. Following an example posted in response to oe of my earlier questions I am trying to extract the mac addresses from wireless frames. I have created structures for the radiotap header and a basic management frame. For some reason when it comes to trying to output the mac addresses I am printing out the wrong data. When I compare to wireshark I don't see why the radio tap data is printing out correctly but the mac addresses are not. I don't see any additional padding in the hex dump that wireshark displays when i look at the packets and compare the packets that I have captured. I am somewhat famialar with c but not an expert so maybe I am not using the pointers and structures properly could someone help show me what I am doing wrong? Thanks, Quentin // main.c // MacSniffer // #include <pcap.h> #include <string.h> #include <stdlib.h> #define MAXBYTES2CAPTURE 65535 #ifdef WORDS_BIGENDIAN typedef struct frame_control { unsigned int subtype:4; /*frame subtype field*/ unsigned int protoVer:2; /*frame type field*/ unsigned int version:2; /*protocol version*/ unsigned int order:1; unsigned int protected:1; unsigned int moreDate:1; unsigned int power_management:1; unsigned int retry:1; unsigned int moreFrag:1; unsigned int fromDS:1; unsigned int toDS:1; }frame_control; struct ieee80211_radiotap_header{ u_int8_t it_version; u_int8_t it_pad; u_int16_t it_len; u_int32_t it_present; u_int64_t MAC_timestamp; u_int8_t flags; u_int8_t dataRate; u_int16_t channelfrequency; u_int16_t channFreq_pad; u_int16_t channelType; u_int16_t channType_pad; u_int8_t ssiSignal; u_int8_t ssiNoise; u_int8_t antenna; }; #else typedef struct frame_control { unsigned int protoVer:2; /* protocol version*/ unsigned int type:2; /*frame type field (Management,Control,Data)*/ unsigned int subtype:4; /* frame subtype*/ unsigned int toDS:1; /* frame coming from Distribution system */ unsigned int fromDS:1; /*frame coming from Distribution system */ unsigned int moreFrag:1; /* More fragments?*/ unsigned int retry:1; /*was this frame retransmitted*/ unsigned int powMgt:1; /*Power Management*/ unsigned int moreDate:1; /*More Date*/ unsigned int protectedData:1; /*Protected Data*/ unsigned int order:1; /*Order*/ }frame_control; struct ieee80211_radiotap_header{ u_int8_t it_version; u_int8_t it_pad; u_int16_t it_len; u_int32_t it_present; u_int64_t MAC_timestamp; u_int8_t flags; u_int8_t dataRate; u_int16_t channelfrequency; u_int16_t channelType; int ssiSignal:8; int ssiNoise:8; }; #endif struct wi_frame { u_int16_t fc; u_int16_t wi_duration; u_int8_t wi_add1[6]; u_int8_t wi_add2[6]; u_int8_t wi_add3[6]; u_int16_t wi_sequenceControl; // u_int8_t wi_add4[6]; //unsigned int qosControl:2; //unsigned int frameBody[23124]; }; void processPacket(u_char *arg, const struct pcap_pkthdr* pkthdr, const u_char* packet) { int i= 0, *counter = (int *) arg; struct ieee80211_radiotap_header *rh =(struct ieee80211_radiotap_header *)packet; struct wi_frame *fr= (struct wi_frame *)(packet + rh->it_len); u_char *ptr; //printf("Frame Type: %d",fr->wi_fC->type); printf("Packet count: %d\n", ++(*counter)); printf("Received Packet Size: %d\n", pkthdr->len); if(rh->it_version != NULL) { printf("Radiotap Version: %d\n",rh->it_version); } if(rh->it_pad!=NULL) { printf("Radiotap Pad: %d\n",rh->it_pad); } if(rh->it_len != NULL) { printf("Radiotap Length: %d\n",rh->it_len); } if(rh->it_present != NULL) { printf("Radiotap Present: %c\n",rh->it_present); } if(rh->MAC_timestamp != NULL) { printf("Radiotap Timestamp: %u\n",rh->MAC_timestamp); } if(rh->dataRate != NULL) { printf("Radiotap Data Rate: %u\n",rh->dataRate); } if(rh->channelfrequency != NULL) { printf("Radiotap Channel Freq: %u\n",rh->channelfrequency); } if(rh->channelType != NULL) { printf("Radiotap Channel Type: %06x\n",rh->channelType); } if(rh->ssiSignal != NULL) { printf("Radiotap SSI signal: %d\n",rh->ssiSignal); } if(rh->ssiNoise != NULL) { printf("Radiotap SSI Noise: %d\n",rh->ssiNoise); } ptr = fr->wi_add1; int k= 6; printf("Destination Address:"); do{ printf("%s%X",(k==6)?" ":":",*ptr++); } while(--k>0); printf("\n"); ptr = fr->wi_add2; k=0; printf("Source Address:"); do{ printf("%s%X",(k==6)?" ":":",*ptr++); }while(--k>0); printf("\n"); ptr = fr->wi_add3; k=0; do{ printf("%s%X",(k==6)?" ":":",*ptr++); } while(--k>0); printf("\n"); /* for(int j = 0; j < 23124;j++) { if(fr->frameBody[j]!= NULL) { printf("%x",fr->frameBody[j]); } } */ for (i = 0;i<pkthdr->len;i++) { if(isprint(packet[i +rh->it_len])) { printf("%c",packet[i + rh->it_len]); } else{printf(".");} //print newline after each section of the packet if((i%16 ==0 && i!=0) ||(i==pkthdr->len-1)) { printf("\n"); } } return; } int main(int argc, char** argv) { int count = 0; pcap_t* descr = NULL; char errbuf[PCAP_ERRBUF_SIZE], *device = NULL; struct bpf_program fp; char filter[]="wlan broadcast"; const u_char* packet; memset(errbuf,0,PCAP_ERRBUF_SIZE); device = argv[1]; if(device == NULL) { fprintf(stdout,"Supply a device name "); } descr = pcap_create(device,errbuf); pcap_set_rfmon(descr,1); pcap_set_promisc(descr,1); pcap_set_snaplen(descr,30); pcap_set_timeout(descr,10000); pcap_activate(descr); int dl =pcap_datalink(descr); printf("The Data Link type is %s",pcap_datalink_val_to_name(dl)); //pcap_dispatch(descr,MAXBYTES2CAPTURE,1,512,errbuf); //Open device in promiscuous mode //descr = pcap_open_live(device,MAXBYTES2CAPTURE,1,512,errbuf); /* if(pcap_compile(descr,&fp,filter,0,PCAP_NETMASK_UNKNOWN)==-1) { fprintf(stderr,"Error compiling filter\n"); exit(1); } if(pcap_setfilter(descr,&fp)==-1) { fprintf(stderr,"Error setting filter\n"); exit(1); } */ pcap_loop(descr,0, processPacket, (u_char *) &count); return 0; }

  Read the article

• Bridging VirtualBox over OpenVPN TAP adapter on Windows

  - by Sean Edwards

  I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

  Read the article

• Time between AWS Notifying of Scale Down and Terminating instance

  - by SteveEdson

  Here is the scenario, there are multiple EC2 instances behind a load balancer. When traffic dies down, the SCALE_DOWN policy is triggered from a CloudWatch alarm. What I would like, is for the instance that is going to be terminated, or a separate server altogether, to be able to run a quick script that will execute a few commands to ensure all data has been transferred. My initial question was going to be how can I send a notification when an instance is going to be terminated by an auto scale, SCALE_DOWN policy. But then I saw this question Amazon EC2 notifying the instance when the autoscale service terminates it. If the notification is sent, how much time is there before the instance actually gets terminated? Are there any parameters to specify this time? Would it be a better idea to notify an instance that it is no longer needed, and get the instance to terminate itself once it has finished running the final script? Or, am I making this into a bigger problem than it actually is, and theres a far simpler solution?

  Read the article

• Database schema for multiple category/product relationship

  - by sree01

  I want to design a database for an e-commerce application with category/subcategory management. Please suggest a database schema where we can create categories and subcategories and add products to those categories. Each product can have multiple categories and we can select products belong to multiple categories using a boolean database query Thanks

  Read the article

• Printing to shared printers across VPN

  - by CYMR0

  I have a program that prints labels at five remote sites. Two sites, aren't working, but the rest are with an identical (as far as I can tell) setup. Using Wireshark, I have determined that the handshaking all goes well, but after the "Open Print File Response" the packet that is sent from the server, doesn't reach the client. But I'm a bit at a loss as to where I go from here. I know the port the packet was sent on (445) isn't being blocked, the RST packet gets sent on the same port and that gets there fine. It's also weird that the three out of five sites are working fine. This has been up and running for years without issue, all that we have changed is our connectivity (from DSL to bonded DSL). But this traffic is over a VPN - so it can't be the ISP interfering either can it? I'm totally stuck, and any help would be much appreciated. Thanks!

  Read the article

• Beginning with SQL

  - by Natasha

  Hey ALL; I am enthusiastic to enter the world of Databases through SQL , but i don't know if there's pre-requisits of any significance , i only know c# and java . Besides what tools do i need? i have visual studio 2008 and sql server management studio what else do i need? is it necessary to download a server OS? Bare with me i'm just a beginner lol Thanks all Natasha

  Read the article

• Identifying connections and active SQL in MS SQL Server

  - by scott8035

  How do I see the currently executing SQL statements in SQL Server? I've poked around in SQL Server Management Studio, but I don't see anything "canned".

  Read the article

• Get script of SQL Server data

  - by Jared

  I'm looking for a way to do something analogous to the MySql dump from SQL Server. I need to be able to pick the tables and export the schema and the data (or I can export the schema via SQL Server Management Studio and export the data separately somehow). I need this data to be able to turn around and go back into SQL Server so it needs to maintain GUIDs/uniqueidentifiers and other column types. Does anyone know of a good tool for this?

  Read the article

• Thomson TG585v7 router - promiscuous mode

  - by Nikita

  I have a TG585v7 as a router with several machines plugged into it. In the default setup, the packets are only delivered to the specific machine but I want to be able to setup to monitor all network traffic on one of the machines, i.e. I need those packets to be picked up when my ethernet card is in promiscuous mode. Is this possible? Guide here has this "mcastpromisc Make the IP interface multicast promiscuous. OPTIONAL", is this what I am looking for? Does it mean I need to manually add all my machines by their MAC addresses to be able to receive packets destined for them? Or am I out of luck and I need to get a better router?

  Read the article

• Teredo and IPV6 web servers

  - by Sandro Antonucci

  Hello, I have two different questions, the first one could be stupid. I was reading about IPV6 and ended up in this site http://test-ipv6.com/ that says that I have a public IPV6 with Teredo tunneling. I don't understand if this Teredo is a software thing, does it have to with my ISP, is it enabled by Windows, how do I get that IPV6 IP, where does it come from? I have windows 7. Second question, I have a VPS with IPV6 connectivity only I can connect to it (apparently thanks to Teredo) and visit pages from the web server using IPV6 IP directly into the browser, is it possibile to host a website on there accessible by the IPV4 network? maybe some dns servers than tunnel traffic from IPV4(user) to IPV6(server)? Thank you

  Read the article

• How can programmatically check wich version of the WMI is installed

  - by Salvador

  How can programmatically check wich version of the WMI (Windows Management Instrumentation) is installed using delphi or C# ? thanks in advance.

  Read the article

• W3 Total Cache or WP Super Cache?

  - by javipas

  I'm just preparing the setup of a new VPS where I will migrate a WordPress blog with a good traffic (currently, around 40k pageviews a day), and I was thinking about the caching strategy. I've found different ideas and recommendations, but from previous experiences I will setup a Nginx+PHP-FPM+MySQL (LEMP) system on a Linode VPS. I've read also about setting Nginx as a reverse proxy with Apache, and even using Varnish too, but I don't know if all of this can benefit the speed/performance of the blog (that's the only thing that will be installed on the VPS). The question now is... would you recommend W3 Total Cache or WP Super Cache? I've used W3 on some blogs, but I haven't noticed great benefits and don't need all its options, so I think I could give the veteran WP Super Cache a try. Besides, some users have complained about W3 complex configuration and lack of performance (even consumig more CPU) on some cases.

  Read the article

• Import LDIF file to external server

  - by colemanm

  As a follow-up to my previous question, which I've resolved part of, what we're trying to do now is take an exported .ldif file of the "Users" container on our OS X Server and import it into a separate OpenLDAP server on an EC2 instance. This we'll use for LDAP user authentication of other apps without having to open our internal network to LDAP traffic. The exported .ldif file thinks the DN of the "Users" container is cn=users,dc=server,dc=domain,dc=com. Is it easiest to configure the EC2 OpenLDAP server to think that it's domain is the same so the container is imported to the proper place? Or should we edit the text of the .ldif file to change the DN to match the external naming? Hopefully that makes sense... but I'm confused as to the best way to accomplish this.

  Read the article

• Determine if the document is DOC or DOCX in Java app without knowing its extension

  - by Andriy

  There is a constraint in the content management system that requires to store all word documents with specific extension (different from DOC or DOCX). However, when outputting the document to user we need to know if it is a DOC or DOCX file in order to provide the right MIME type. So, is there a way to programatically find out if document is DOC or DOCX by its content?

  Read the article

• Recommended RAM and disc space for Oracle 11g on Windows

  - by Álvaro G. Vicario

  I need to provide the recommended amount of RAM and disc space (divided in two partitions) so the customer can create an appropriate virtual machine to run Oracle. All I could find in the documentation was a brief listing with minimum RAM and typical/advanced install types. The virtual machine will run latest Oracle Standard Edition One (11g release 2 so far) under Windows Server 2008 x64 and will host a reasonably low traffic web application. How much RAM and disc must I ask for in order to be safe? (Feel free to ask for further details if I've omitted something relevant.) Update: Rough estimations: Database size: 10 MB after installation Growth rate: +3MB per day on average Size of database 'active' data: (not sure of what this means, there's not actual archive so I guess all data is current) Amount of data written per second in peak hours: a few KB Number of client sessions: 3 or 4 at most Frequency and response size of most heavy requests: some reports make heavy table JOINS that need up to 20 seconds to complete but they won't return more than a few thousand rows with plain text. The app also handles BLOBs (typical size from 50KB to 200KB)

  Read the article

• proxy.pac file performance optimization

  - by Tuinslak

  I reroute certain websites through a proxy with a proxy.pac file. It basically looks like this: if (shExpMatch(host, "www.youtube.com")) { return "PROXY proxy.domain.tld:8080; DIRECT" } if (shExpMatch(host, "youtube.com")) { return "PROXY proxy.domain.tld:8080; DIRECT" } At the moment about 125 sites are rerouted using this method. However, I plan on adding quite a few more domains to it, and I'm guessing it will eventually be a list of 500-1000 domains. It's important to not reroute all traffic through the proxy. What's the best way to keep this file optimized, performance-wise ? Thanks

  Read the article

• Bridge virtual machines out WLAN interface

  - by Thomas

  It seems that my wlan card (intel 5100 AGN) firmware doesn't allow "spoofing" MAC addresses. This has the side effect of destroying the capability to bridge out my virtual machines on that interface. Apparently this is a common thing on wlan cards. I can see the incoming traffic just fine in my virtual machines, but their DHCP queries don't get bridged out of the WLAN card. It works perfectly well when using the wired ethernet port. Is there a workaround for this? MAC-NAT or something? I don't want to route my virtual machines out to the Internet because I don't want my host OS to even have an IP address. I'm using Linux and KVM for virtualization.

  Read the article

• SNMP counter issues with cisco RV082

  - by Chance

  Does anyone else poll this router with SNMP? We are using firmware version: 2.0.0.19-tz We are having problems with the traffic counters, some of them appear to be implemented as 16 bit counter instead of 32 bit counters. The reason this is causing problems is that they roll over (at 65,000) to 0 in less than our minute polling cycle, really skewing our metrics. The counter for the Lan (interface 2) seems to be functioning properly, however interfaces 3 and 4 (WAN and DMZ / WAN2) rollover at 65000. Tue May 11 08:38:31 EDT 2010 IF-MIB::ifInOctets.1 = Counter32: 137634 IF-MIB::ifInOctets.2 = Counter32: 1865677943 IF-MIB::ifInOctets.3 = Counter32: 12450 IF-MIB::ifInOctets.4 = Counter32: 49354 Look at counter IF-MIB::ifInOctets.4 5 seconds later: Tue May 11 08:38:36 EDT 2010 IF-MIB::ifInOctets.1 = Counter32: 137634 IF-MIB::ifInOctets.2 = Counter32: 1865836207 IF-MIB::ifInOctets.3 = Counter32: 13167 IF-MIB::ifInOctets.4 = Counter32: 12900 Any suggestions? Seems like a bug to me, however I just wanted to make sure I wasn't crazy.. Thanks!

  Read the article

• Serving static files fails - nginx

  - by Sergei

  Hi, I've been looking and trying around all night, but without success. I configured nginx to serve my static files and proxy all the other traffic: server { listen 80; server_name mydomain.com; access_log /home/boudewijn/www/bbt/brouwers/logs/access.log; error_log /home/boudewijn/www/bbt/brouwers/logs/error.log; location / { proxy_pass http://127.0.0.1:8080; include /etc/nginx/proxy.conf; } location /media/ { root /home/boudewijn/www/bbt/brouwers/; } } The proxy passing is no problem, but when I go to mydomain.com/media/ or try to access any testfile over there, it's without success. I paid attention to the difference between root and alias, my media folder exists, I paid attention to the trailing slashes, but still I get a 404 when trying to access my static media files. Any help?

  Read the article

• OpenVPN Bridge on pfsense: once LAN pings clients, connectivity breaks

  - by Lucas Kauffman

  So I'm using a pfsense openvpn to bridge my LAN segment so VPN users can access the servers. The problem I'm having now is that I can establish a connection, I can ping the LAN server from the VPN, but as soon as I ping the client from the LAN server, there is no connectivity anymore between both parties. So: connect from the VPN client to the LAN = works ping the LAN from the VPN client = works access server from the VPN (ssh, ftp,...) = works ping client from server = doesn't work ping LAN from the VPN client = doesn't work anymore My bridge has em1 and ovpns1 bridged. I noted with tcpdump that ICMP is reaching the bridge between LAN and the VPN segment. But it's not put onto the em1 interface for some reason. My pfsense is running on an ESXi host with th vSwitch port enabled in promiscious mode. Firewall rules allow in and outbound traffic regardless origin or destination.

  Read the article

• Network printer - Print direct or via shared printer on Server?

  - by NickC

  It has occurred to me that a workstation can connect to a printer in two ways: 1). Printing directly to the IP of the printer with the print driver installed locally. 2). Printing to a \Server\Printer1 share with the print queue residing on the server. Question is which way is preferred? I would assume that printing directly to a network printer rather than going through the server would be the most efficient from the point of view of network traffic. On the other hand I guess a server printer share would be easier to manage with the correct driver automatically being downloaded to the workstations. Also what about using GPP (Server2012) to install this printer on the workstations, does that require any specific way?

  Read the article

• In Ubuntu, MoBlock makes it take a while to actually start using internet

  - by Matchu

  When connecting to wireless internet in Ubuntu (tested with two different networks), I connect nearly instantly. However, to actually load a page, I need to wait a few minutes, at which point I can actually use a web browser or Pidgin. Until then, various applications try to connect until they time out. I've discovered that, if instead of waiting a few minutes, I open Terminal and run sudo /etc/init.d/blockcontrol stop, everything suddenly is able to load. I can then start MoBlock again with no ill effects. Why is this happening? What is it that would cause MoBlock to take a few minutes to start letting traffic in, but only when started on bootup? Thanks!

  Read the article

• Smoothwall Express interface issues

  - by Timbermar

  I have a SmoothWall Express box that is currently configured with a Green and Purple interface. Both interfaces are in the same /24 subnet (which seems odd to me). The green interface (address of .254) has a DHCP server that is pushing addresses from .1 to .100 and the purple interface (.253) is pushing addresses from .101 to .120. Every machine here is trusted, and as such is connected to the green interface via a wired connection or wireless APs. Nothing is connected at all (port is physically empty, traffic graphs show no activity) to the purple interface. However, every machine here is pulling addresses from the purple interface. So the question boils down to, how do I remove/stop my machines from pulling from the purple dhcp interface? Also, shouldn't the purple interface (if we were using it for guest Wifi or something) be on a different subnet (i.e. 192.168.100.0/24 instead of 192.168.1.0/24 with all the trusted machines)?

  Read the article

• Sql Server Select Command and too much data sent to winforms application

  - by ThanosPapathanasiou

  When you have an application and send a select command, the sql server gathers all the data and sends them back to your application and fills your datagrid (for example) If you performed the same select command in sql management studio, immediately as the query starts running and finding data the results panel would start filling with the data found. How can I do that for my winforms application? Is there a technique or a standard method of doing something like this? Links to good examples would be an immense help. thanks

  Read the article

• GNS3 Cannot ping/resolve DNS record

  - by Eldad Cohen

  I set up an internet lab with GNS3, which has 3 routers, in each node there is a computer directly connected. One of the hosts is a DNS server, Windows 2003 Server. The other one is a Windows XP machine. Ping is good between routers and machines but no ability to ping domain.com record on DNS server 2003. I set a static nat on the router to route all traffic from gateway to the DNS server internal ip address, still no answer for the dns request. Any ideas or thoughts will be most welcome.

  Read the article

< Previous Page | 426 427 428 429 430 431 432 433 434 435 436 437  | Next Page >