Investigating strange dialup activity with Wireshark



Tue, 01 Jul 2008 15:00:00 GMT
A controlled dial-on-demand router is a convenient tool. An uncontrolled dial-on-demand router is not. The Wireshark network protocol analyzer helped me track down the cause of some strange and unwanted dialup connections.


CAPINFOS(1)              The Wireshark Network Analyzer              CAPINFOS(1)

NAME
       capinfos - Prints information about capture files

SYNOPSIS
       capinfos [ -t ] [ -E ] [ -c ] [ -s ] [ -d ] [ -u ] [ -a ] [ -e ] [ -y ] [ -i ] [ -z ] [ -x ] [ -h ] <infile> ...

DESCRIPTION
       Capinfos is a program that reads one or more capture files and returns some or all available statistics of each <infile>. The user specifies which statistics to report by specifying flags corresponding to the statistic. If no flags are specified, Capinfos will report all statistics available.

       Capinfos is able to detect and read the same capture files that are supported by Wireshark. The input files don't need a specific filename extension; the file format and an optional gzip compression will be automatically detected. Near the beginning of the DESCRIPTION section of wireshark(1) or http://www.wireshark.org/docs/man-pages/wireshark.html is a detailed description of the way Wireshark handles this, which is the same way Capinfos handles this.

OPTIONS
       -t  Displays the capture type of the capture file.

       -E  Displays the per-file encapsulation of the capture file.

       -c  Counts the number of packets in the capture file.

       -s  Displays the size of the file, in bytes. This reports the size of the capture file itself.

       -d  Displays the total length of all packets in the file, in bytes. This counts the size of the packets as they appeared in their original form, not as they appear in this file. For example, if a packet was originally 1514 bytes and only 256 of those bytes were saved to the capture file (if packets were captured with a snaplen or other slicing option), Capinfos will consider the packet to have been 1514 bytes.

       -u  Displays the capture duration, in seconds. This is the difference in time between the earliest packet seen and latest packet seen.

       -a  Displays the start time of the capture. Capinfos considers the earliest timestamp seen to be the start time, so the first packet in the capture is not necessarily the earliest - if packets exist "out-of-order", time-wise, in the capture, Capinfos detects this.

       -e  Displays the end time of the capture. Capinfos considers the latest timestamp seen to be the end time, so the last packet in the capture is not necessarily the latest - if packets exist "out-of-order", time-wise, in the capture, Capinfos detects this.

       -y  Displays the average data rate, in bytes/sec

       -i  Displays the average data rate, in bits/sec

       -z  displays the average packet size, in bytes

       -x  displays the average packet rate, in packets/sec

       -h  Prints the help listing and exits.

SEE ALSO
       tcpdump(8), pcap(3), wireshark(1), mergecap(1), editcap(1), tshark(1), dumpcap(1)

NOTES
       Capinfos is part of the Wireshark distribution. The latest version of Wireshark can be found at <http://www.wireshark.org>.

       HTML versions of the Wireshark project man pages are available at: http://www.wireshark.org/docs/man-pages.

AUTHORS
       Original Author
       -------- ------
       Ian Schorr <ian[AT]ianschorr.com>

       Contributors
       ------------
       Gerald Combs <gerald[AT]wireshark.org>

1.2.8                             2010-05-05                         CAPINFOS(1)
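
The statistics described under OPTIONS, recomputed by hand from a classic pcap file. This is an added example, not code from Wireshark or from the original page. The capture is constructed in memory (snaplen 256, second packet timestamped earlier than the first), and the rate formulas (total original length or packet count divided by duration) are an assumption drawn from the option descriptions.

```python
import struct

LE_MAGIC, BE_MAGIC = b"\xd4\xc3\xb2\xa1", b"\xa1\xb2\xc3\xd4"

def build_pcap(packets, snaplen=256):
    """Constructed sample: little-endian pcap, Ethernet link type, zero-filled
    payloads cut to snaplen. packets = [(ts_sec, ts_usec, orig_len), ...]."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for sec, usec, orig_len in packets:
        incl_len = min(orig_len, snaplen)
        out += struct.pack("<IIII", sec, usec, incl_len, orig_len) + bytes(incl_len)
    return out

def capture_stats(blob):
    """Compute capinfos-style statistics from classic (microsecond) pcap bytes."""
    if blob[:4] == LE_MAGIC:
        endian = "<"
    elif blob[:4] == BE_MAGIC:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    offset, data_size, stamps = 24, 0, []      # 24-byte global header
    while offset < len(blob):
        header = blob[offset:offset + 16]
        if len(header) < 16:
            raise ValueError("truncated record header")
        sec, usec, incl_len, orig_len = struct.unpack(endian + "IIII", header)
        offset += 16 + incl_len                # skip only the bytes actually saved
        if offset > len(blob):
            raise ValueError("truncated packet data")
        data_size += orig_len                  # -d: original length, not the slice
        stamps.append(sec * 1_000_000 + usec)
    if not stamps:
        raise ValueError("capture contains no packets")
    start, end = min(stamps), max(stamps)      # -a/-e: earliest/latest, not first/last
    duration = (end - start) / 1e6             # -u
    per_sec = lambda n: n / duration if duration else 0.0  # assumed rate formula
    return {
        "packets": len(stamps), "file_size": len(blob), "data_size": data_size,
        "start": start / 1e6, "end": end / 1e6, "duration": duration,
        "bytes_per_sec": per_sec(data_size), "bits_per_sec": per_sec(data_size * 8),
        "avg_packet_size": data_size / len(stamps), "packets_per_sec": per_sec(len(stamps)),
    }

# Constructed capture: a 1514-byte frame sliced to 256, then an out-of-order packet.
SAMPLE = build_pcap([(100, 0, 1514), (98, 500000, 60), (102, 0, 400)])

if __name__ == "__main__":
    for name, value in capture_stats(SAMPLE).items():
        print(f"{name:16} {value}")
```

The file is 644 bytes on disk while the reported data size is 1974 bytes, which is the gap between -s and -d on a capture taken with a snaplen.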
